Elden Ring & Dark Souls Games Affected by Remote Control Exploit Says Anti-Cheat Modders; Could Hijack PCs

It would seem that fans of FromSoftware’s Dark Souls franchise who are playing on PC may want to hold off on online play, as it has been recently discovered that hackers now have access to remote code execution via Dark Souls 1, DS2, and DS3, allowing them to hijack player PCs!

Over on the official Elden Ring subreddit, a new thread has cropped up, warning players of the exploit, with it potentially being available in Elden Ring as well.

It has come to our attention that a RCE exploit has been found and leaked for Dark Souls 3.

RCE stands for Remote Code Execution, meaning that hackers can run arbitary code on your machine without permission.

THIS IS A SERIOUS EXPLOIT THAT CAN CAUSE LASTING DAMAGE TO YOUR COMPUTER AND ALL OF ITS CONTENTS

By using this hackers can take hold of your PC and can do essentially do what they want with it.

The thread then details some of the things that hackers can do.

  • Brick your computer
  • Steal your logins and banking information stored on your computer.
  • Execute malicious malware like bitcoin miners
  • AND MUCH MUCH MORE

As a precaution, the Souls community on PC are being urged to play offline until a fix has been issued by FromSoftware. This includes those playing on the remasters of Dark Souls 1 and 2, as well as Elden Ring as it has been claimed by the individual who discovered this exploit.

How do we know that this is all legit? Well, it was caught during a recent live stream by  Twitch streamer, The__Grim__Sleeper. The moment of this happening can be viewed directly here from his stream, but basically his game had been closed with his screen taken over with a message playing from the hacker.

There is, however a silverlining to this all. While the exploit is very much real, the particular user that has discovered this has been confirmed to be working with the developers of the Blue Sentinel anti-cheat mod in order to implement a fix. The devs state that this users isn’t malicious, saying that they have been trying to get in touch with FromSoftware through multiple channels, though all they’re efforts have been ignored.

Thankfully, in an update issued by community members on the DS3 reddit, it does appear that the Elden Ring community manager is aware, and has issued a ticket to FromSoftware to look into it.

  1. The ER community manager has been alerted to the severity of this and has submitted reports to internal resources. Should still raise hell on media imo.

  2. Only about 4 people currently know how to do this. Two who worked on it, and the two blue sentinel developers. It has not been leaked to our knowledge. It was showcased by one of the people on streamers in more harmless capacities.

  3. If you go online, you aren’t likely to have your PC damaged, only because the people who know how to execute this understand the severity of it and are responsible. In my opinion online should still be avoided until a community solution is created.

With a little over 30 days to go until the launch of Elden Ring, hopefully FromSoftware is able to issue a fix right before launch.

As for console players, while the code may exist on their platform, due to modding limitations being restricted to firmware that are shutout of online play, they shouldn’t have to worry about this exploit, at least for now. We have asked publisher Bandai Namco for a statement regarding the matter, and will update this post if we hear anything back.

Top Games and Upcoming Releases