These mods for popular online game Dota 2 contain malware

Dota 2
(Image credit: Valve)

According to a new discovery by Avast Threat Labs - the security network run by the prominent antivirus software company - popular online game Dota 2 has been “under attack” from malicious mods containing malware, but they should now be nullified with a new update.

Despite being almost a decade old, Dota 2 still reportedly attracts 15 million active monthly players, which explains why it has been targeted by threat actors.

An outdated build of v8.dll from December 2018 has been blamed, containing a series of exploited vulnerabilities. However, these were disclosed to Valve, the company behind the game, which acted promptly to fix them.

TechRadar Pro needs you!
We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Dota 2 malware update

Affected game mods included ‘test addon plz ignore’, ‘Overdog no annoying heroes’, ‘Custom Hero Brawl’, and ‘Overthrow RTZ Edition X10 XP’. A fifth mod by the same author was found by the name of ‘Brawl in Petah Tiqwa’, though no malware was found to be contained.

The patch notes for the January 12 game update state:

“As part of our effort to keep Dota Technology Moving Forward the version of the V8 JavaScript engine included in Dota has been updated, resulting in a new macOS requirement of 10.13+. For the vast majority of Mac players, this requirements change will have no impact.”

This version of macOS, named High Sierra, is compatible with most Mac models built from 2010 (and a number of late-2019 models).

Besides the JavaScript exploit, the hacker also included an ominously-named ‘evil.lua’ file, designed to test the capabilities of the server-side Lua execution.

Valve said that fewer than 200 players had been affected, according to Avast Threat Labs, who were notified of the attack.

Despite the attack, Avast Threat Labs indicated that Valve is generally robust in removing malicious mods thanks to the use of its proprietary gaming platform Steam. The researchers also credited Valve for reacting promptly. 

Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!