These mods for popular online game Dota 2 contain malware

According to a new discovery by Avast Threat Labs – the security network run by the prominent antivirus software company – popular online game Dota 2 has been “under attack” from malicious mods containing malware, but they should now be nullified with a new update.

Despite being almost a decade old, Dota 2 still reportedly attracts 15 million active monthly players, which explains why it has been targeted by threat actors.

An outdated build of v8.dll from December 2018 has been blamed, containing a series of exploited vulnerabilities. However, these were disclosed to Valve, the company behind the game, which acted promptly to fix them.

Dota 2 malware update

Affected game mods included ‘test addon plz ignore’, ‘Overdog no annoying heroes’, ‘Custom Hero Brawl’, and ‘Overthrow RTZ Edition X10 XP’. A fifth mod by the same author was found by the name of ‘Brawl in Petah Tiqwa’, though no malware was found to be contained.

The patch notes for the January 12 game update state:

“As part of our effort to keep Dota Technology Moving Forward the version of the V8 JavaScript engine included in Dota has been updated, resulting in a new macOS requirement of 10.13+. For the vast majority of Mac players, this requirements change will have no impact.”

This version of macOS, named High Sierra, is compatible with most Mac models built from 2010 (and a number of late-2019 models).

Besides the JavaScript exploit, the hacker also included an ominously-named ‘evil.lua’ file, designed to test the capabilities of the server-side Lua execution.

Valve said that fewer than 200 players had been affected, according to Avast Threat Labs, who were notified of the attack.

Despite the attack, Avast Threat Labs indicated that Valve is generally robust in removing malicious mods thanks to the use of its proprietary gaming platform Steam. The researchers also credited Valve for reacting promptly. 

• Protect yourself with the best endpoint protection software or best firewalls