Cities: Skylines have been bundled with malicious code by their creator, who reportedly used an automatic updater to infect users with a trojan horse and affected performance for specifically targeted fellow modders and developer Colossal Order employees.In 2021, a modder going by the name of Chaos launched a “redesigned” version of a mod called Harmony, a vital framework project that most mods in Cities: Skylines rely upon to function.Chaos also then “redesigned” several popular mods for the game, and listed his modified version of Harmony as a core download – meaning that players would have to go and download it for any dependent mods to work.However, it’s been discovered that an automatic updater was buried in this version of Harmony, which would allow Chaos to deliver malware to the devices of anyone that downloaded it.
Other malicious code was used to cripple the performance of other mods, which in turn caused players to download more of Chaos’ mods as they were advertised as solutions to these issues.
This was discovered when some of the affected modders who, after receiving reports of slow performance from fans, found the malicious code.Speaking to NME, a moderator of the Cities: Skylines subreddit told us what happened:“[Chaos] forked another popular mod, and set their version of Harmony as a dependency.
They then added fake error messages into this mod which would fire if you used the original Harmony, enticing users to their version.
Read more on nme.com