Elden Ring exploit traps players in infinite death loop

Back in January, we wrote about how the Dark Souls games had their online components switched off for PC gamers. This is because someone figured out how to execute code remotely on the target’s PC. Given that the multiplayer angle of Souls games is rather important, this was quite a body blow for anyone playing. I fired up the first Dark Souls game a few days ago to see if the online services have been reinstated. They have not.

“Logging into the Dark Souls Remastered server” appears in the top right hand corner. A few moments later, I’m greeted with the following message:

Cannot log in to the Dark Souls Remastered game server because it has been stopped or is undergoing maintenance.

I haven’t tested the other two titles but it’s the same situation there too:

It has now been 2 months since the Dark Souls PC servers were taken offline and there is still no sign of them returning https://t.co/Vds1XQVnwL pic.twitter.com/E5xVvWHsgn

— Mordecai (@EldenRingUpdate) March 23, 2022

Note that this issue doesn’t affect console gamers; it’s PC specific.

The latest round of problems for Souls titles affect the latest game from the developer, FromSoftware. Interestingly, it may have its origins in one of the games which currently has its multiplayer component switched off.

Heavy souls and broken rings

The new game in the Souls line-up (in a roundabout fashion) is called Elden Ring. In the run up to launch, some wondered if it, too, would suffer from the same remote code execution attack forcing the brand new title to launch with its online capabilities disabled.

This did not happen, and a jolly multiplayer time was had by all. Well, for a little while at least. The exploits have arrived, despite the game itself making use of the anti-cheating service called Easy Anti-cheat.

What happened?

A little over a week ago, players of Elden Ring complained that their sessions were being invaded by “hackers”. Invading people’s games is a normal feature of the title, but being put into an endless death loop, not so much.

After the first time your character dies, you’re supposed to respawn at locations resembling a bonfire. Instead, in the death loop scenario the victim simply continues to die over and over again.

⚠Elden Ring PSA for PC players⚠

There's an exploit going around on PC where hackers will corrupt your save file while you're invaded.

First they will crash your game, and when you open it back up, your character will be constantly falling to their death… pic.twitter.com/8et3bl8T1I

— Mordecai (@EldenRingUpdate) March 18, 2022

No detailed information has been released by the developer FromSoftware as to what is happening. One of the theories from players is that the invaders were able to edit their save files somehow while in game, or at least adjust some parameters related to the victim’s save points. In other words: you no longer spawn at the nearest bonfire. You respawn somewhere over the nearby ocean and die instantly on account of not being able to swim.

Avoiding the exploit

The solution, as with so many attacks of this nature, is to remove functionality from the title. Switching off online play is the only way to ensure you’re not caught by this. Anyone trapped in a death loop has to attempt an ALT + F4/rapid-fire sequence of button presses in menus to try to manually respawn at a bonfire. This, as it turns out, isn’t easy to do. At one point there were Twitch videos of people punching in the combination with the right timing.


Where did this come from?

One of the older Souls titles, Dark Souls 3 from 2016, suffered from the exact same problem. The hack there was described as being able to alter player save data and “lock them out of their save files”. The article above and most of the detailed warnings about this are from a year ago. However, there are multiple complaints about this going back to 2020.

One portion of the Elden Ring fix—using ALT + F4 to kill the game at the right moment—was even used for the fix in Dark Souls 3.

Has this been patched?

Good news! A patch was released yesterday for various game related issues. One note in particular is relevant here:

“Fixed a bug in multiplayer that allowed players to teleport others to incorrect map coordinates.”

No word as to the specifics of how they were doing it are given. Even so, this is hopefully the last we’ll see of game invading/save locking/character murdering exploits along these lines. Save points in Souls titles are supposed to be the one safe breathing space in the entire game. To have them corrupted or tampered with and cursed with instant death is probably a bridge too far for even the most hardcore of Souls players.

This hack comes hot on the heels of one which caused innocent players to receive bans.  Let’s hope fewer exploits manage to spawn in the next Souls title.

The post Elden Ring exploit traps players in infinite death loop appeared first on Malwarebytes Labs.

Article Link: Elden Ring exploit traps players in infinite death loop | Malwarebytes Labs