Earlier this morning, Bandai Namco and From Software announced that all the servers for Dark Souls Remastered, 2, and 3 were temporarily shut down because of an “issue with online services.” While the publisher didn’t share more details, it’s believed the “issue” is a recently publicized PC exploit that would allow a malicious hacker to invade your game and then remotely run code on your PC, effectively taking control of it.
Yesterday, a post on the Elden Ring subreddit announced that a remote code execution (RCE) exploit had been discovered. These types of exploits are very nasty as it lets a hacker take control of your computer, allowing them to brick it, steal sensitive data and files or activate malicious software.
The exploit is only on the PC and doesn’t work on the Dark Souls games released on consoles.
The Dark Souls RCE exploit was seen in action two days ago during a Dark Souls 3 livestream. Twitch user The__Grim__Sleeper was playing the game and after getting invaded, his game crashes and a text-to-speech narrator begins speaking. To be clear, The Grim Sleeper had no control over this and was shocked when it happened.
Within the Dark Souls community, it’s believed that the person responsible for hacking that stream was not a malicious hacker, but instead, someone who has known about this exploit for some time now. Reportedly, they had tried to contact From Software about the RCE exploit but felt ignored by the dev and publisher. To gain more attention and possibly push From Software to act, it’s believed the user used the exploit on a livestream.
According to a post on the Dark Souls 3 subreddit, Blue Sentinel, a fan-developed anti-cheat for the game, has already been updated to stop this exploit. It’s also explained that initial reports that the exploit has leaked are possibly incorrect, with it speculated that only around four people who are directly involved with Blue Sentinel know how to pull off the nasty hack.
Kotaku has reached out to the publisher about the exploit and the PC servers shutting off.
Part of the fear surrounding this exploit is that it’s theorized that it could work in Elden Ring, due to how similar the tech used in that game is with previous From Software titles. The hope is by revealing the exploit now, ahead of the game’s release, it can be fixed before Elden Ring releases next month.
Bandai Namco seems to have taken notice of the issue. It replied to a Reddit post about the Dark Souls RCE, saying: “Thanks very much for the ping, a report on this topic was submitted to the relevant internal teams earlier today, the information is much appreciated!”
And now the servers for all Dark Souls games on PC are currently down, with no information yet on when they will return. While Bandai Namco hasn’t confirmed this downtime is a result of this exploit, it seems very likely.