A malicious file that has been added to one of Skylines 2 mods has been addressed by publisher Paradox Interactive, as further precautionary steps are shared to ensure a safe gaming experience for players of the city-building game.
Skylines 2 “Traffic” Mod Malware Issues Are Being Fixed
V.0.2.4 Is Safe to Play
In a new statement on Paradox Interactive's website, the Cities: Skylines 2 publisher addressed a recent widespread security issue with one of Skylines 2's mods called, "Traffic." A malicious file was added to the Traffic mod, which said file is believed to have been targeting players' crypto wallets, in particular the Exodus crypto wallet.
"Over the weekend, we have had our experts - along with other DFIR teams - investigating the file, and we believe our initial suspicion of malware was accurate. While we cannot 100% confirm its purpose as of yet, our current belief is that it is a file designed to target Crypto Wallets on exposed systems, specifically Exodus crypto wallet," Paradox Interactive said in its community post. "Regardless of whether this turns out to be confirmed or not, the file has enough suspicious activity that it should still be considered harmful."
Additionally, according to Paradox Interactive, 30 out of 72 security vendors now flag the mod as malware in their scans. As a preventative measure, Skylines 2 players are urged to update their antivirus/antimalware software. Paradox Interactives has also assured players that all new mods on the Paradox platform will "always get run through a virus scan as a general precaution."
On Monday evening, an update was reportedly made to the Traffic mod, which included a malicious .dll file. Following this, Paradox Interactive confirmed that it had already removed the file and that the current version as of 2024-10-31 15:35 CET, according to the publisher, can be downloaded and used safely. However, Paradox Interactive cautioned that if the mod has been synced and players have played the game using the mod between Monday and then, "there is a possibility that you may have the malicious file," the publisher said.
How to Fix Skylines 2 Traffic Mod Malware Issue
Paradox Interactive shared the following additional steps players can take to secure your game and system, as Paradox works on fully resolving the malicious tampering of the Traffic mod:
・If you have not played with the Traffic mod and have not subscribed nor downloaded it, there should be no risk to your system and nothing you need to do.
・If you have the Traffic mod and have not played Cities: Skylines 2 between Monday and today, let the mod sync as normal, and the malicious file should be deleted automatically. Please still scan your system with an anti-malware program like Windows Defender.
・If you have played using the affected version, please check your local files. If you have any malicious files installed, you will find them here; %AppData%\LocalLow\Colossal Order\Cities Skylines II.cache\Mods\mods_subscribed\80095_13.
・Note that it is only specifically the 80095_13 folder that will contain malicious files; if you do not see this folder, you do not have the compromised version of the mod.
・If you do locate this folder, use an antivirus or antimalware program to quarantine it and/or remove it from your system, and run a thorough scan of your drives.
・As a precaution, we recommend changing your passwords.
Source:
Additional information regarding malware suspicion on the Mod “Traffic” on Cities: Skylines II