Can you get malware from the steam workshop?

[Pom2000]

Can you get malware from the steamworkshop? And if you can how to prevent and Fix it

[tkitch]

12 minutes ago, Pom2000 said:

Can you get malware from the steamworkshop? And if you can how to prevent and Fix it

One would assume that steam virus scans and such everything uploaded there, but there's no such thing as bulletproof, so always take at least some precautions anywhere you can.

[Pom2000]

1 minute ago, tkitch said:

One would assume that steam virus scans and such everything uploaded there, but there's no such thing as bulletproof, so always take at least some precautions anywhere you can.

Ok thx for letting me know

[uncreativespace]

Worthwhile to mention as well that some AV programs will produce false positives, especially if the add on is messing with anything outside of the game's installation folder. My rule of thumb is always to check the reviews.

[Pom2000]

6 minutes ago, uncreativespace said:

Worthwhile to mention as well that some AV programs will produce false positives, especially if the add on is messing with anything outside of the game's installation folder. My rule of thumb is always to check the reviews.

Ok thx for telling i got some stuff from the workshop and pc did a Windows Defender scan and it was blocked from acces in my documents folder so i checkt the reviews and there where non do u got Any other tips?

[uncreativespace]

26 minutes ago, Pom2000 said:

Ok thx for telling i got some stuff from the workshop and pc did a Windows Defender scan and it was blocked from acces in my documents folder so i checkt the reviews and there where non do u got Any other tips?

If you're positive that the game (and any downloaded content) is generally trusted by the community and doesn't contain an exploit you can tell Defender to trust the game's executable or anything running from the parent folder (Google is your friend on how to do that).

Some versions of Defender will block a lot of older titles from accessing save files in the Documents folder if it doesn't have a profile for it which can be a pain. (Civilization V is an example)

[Pom2000]

6 minutes ago, uncreativespace said:

If you're positive that the game (and any downloaded content) is generally trusted by the community and doesn't contain an exploit you can tell Defender to trust the game's executable or anything running from the parent folder (Google is your friend on how to do that).

Defender will block a lot of older titles from accessing save files in the Documents folder which can be a pain.

The thing is it was trailmakers.exe that blocked Windows Defender from scanning the documents folder and normally it does not but i adder a car or smthn from the steam workshop 

 

[darknessblade]

YES this is possible,

 

especially if the game can open a webpage by itself.

 

Then a malicious addon can force open a bazillion webpages each containing ads, malware and many links.

 

if you are logged in as admin this is more dangerous as some malware could auto install itself,

if you are logged in as a regular user, you will get a admin prompt for the password

[Ashkii]

Not sure about other games, but specifically with Gmod. There have been issues with Malicious lua files that could've installed a backdoor on your system in the past. But the mods are on top of it for the most part now. So just avoid new workshop items, and you should be okay. 

The most famous was the cough virus back in 2014

https://www.pcgamesn.com/indie/garry-s-mod-virus-filled-servers-sound-coughing

[Mark Kaine]

On 12/2/2021 at 10:16 PM, tkitch said:

One would assume that steam virus scans and such everything uploaded there

funny thing afaik they dont.* they rely on the "community" to find malicious stuff (thats also how you get things like "vanguard" which by all means must be considered malware)

 

* of course,  surprisingly unsurprisingly i dont find anything official,  but it has happened in the past (ex: Street fighter V's infamous  "rootkit") so that at least implies no checks , as does the fact there doesn't seem an official statement about the subject ...

 

 

On 12/2/2021 at 10:03 PM, Pom2000 said:

how to prevent

you can scan every item with a good av software (ex: malwarebytes) and upload the file(s) to virustotal before you "install" them.

i did that the one time i used steam workshop, i usually get mods from nexus, who actually tests (most) mods before letting users download them.

^ i still check everything i download with malwarebytes though

[IRMacGuyver]

Always check your video card and CPU usage while playing new games.  Some people are adding hash mining into their games to make other people mine for them and that slips through some times. 

[Mark Kaine]

17 hours ago, IRMacGuyver said:

Always check your video card and CPU usage while playing games.  Some people are adding hash mining into their games to make other people mine for them and that slips through some times. 

But... ? how do you know the game isn't legit using 90% cpu and 99% gpu for example? this seems like good advice,  but it also seems rather impractical if not nearly impossible... unless im missing something having good av software and actually using it properly would be better advice?

 

Also tbh, its possible sure but i downloaded a gazillion of mods and around 100 "workshop items" and haven't encountered a single "virus" yet, the only things (out of a "gazillion" mods mind you, we talking several 100 GBs here.. ) i ever found was one clearly false detection and another even more false detection  - because that mod and so called accompanying "virus" originated from my *own* pc... and ofc wasnt a virus at all... lol. i think people apparently get their viruses elsewhere  (ahem p0rn...) or other malicious sites or even email "attachments" ...  it seems really unlikely to get something from Steam (even when its definitely "possible")

 

 

 

[MultiGamerClub]

19 hours ago, IRMacGuyver said:

Always check your video card and CPU usage while playing games.  Some people are adding hash mining into their games to make other people mine for them and that slips through some times. 

maybe 10 years ago downloading from shady free fps games no one knew the location or who owned it..

 

Novadays..

On steam? Nah they would get found out pretty quickly.

[IRMacGuyver]

On 12/16/2021 at 2:50 PM, MultiGamerClub said:

maybe 10 years ago downloading from shady free fps games no one knew the location or who owned it..

 

Novadays..

On steam? Nah they would get found out pretty quickly.

"pretty quickly" doesn't mean before it's put up for the public to download.  That it is possible was my only point.  Steam doesn't completely test everything themselves they rely on community feedback. 

[IRMacGuyver]

On 12/16/2021 at 1:37 PM, Mark Kaine said:

But... ? how do you know the game isn't legit using 90% cpu and 99% gpu for example?

You just have to guess based on the visual quality.  Most the time the games that do this look like ass so they have more headroom for their mining scam.  People don't seem to implement them on games that only have amazing graphics with little room for extra code.  Though I wont put it past EA or Ubisoft. 

[MultiGamerClub]

7 hours ago, IRMacGuyver said:

"pretty quickly" doesn't mean before it's put up for the public to download.  That it is possible was my only point.  Steam doesn't completely test everything themselves they rely on community feedback. 

At one point of time i remember there was an old fps game that got added to steam, they hadnt renewed their license to use a spesific program and every anti-virus company flagged the file(s) as a major virus that needs to be contained right away.. Guess what it what? A program logging / launcher background details on the games startup.. Without file = Game useless.

 

I think 95% of the few thousand posts on the forums back then was about this bug alone and it took them a week or something to fix it.. This is many years back but even back then i knew this was fake and still allowed it.. All tho most people around me and on the internet was freaking out about some files in the games folder acting up.. LOL

 

Then again, for all i know it could be a virus but i had played this same game since 2008 or something and i knew it wasnt that shitty.. or atleast not yet at the time.

Now i think the game is gone, i remember it changed owners probably 6-7 times before it went under.. Damn i miss you AVA.