Announcement from Tashiketh (ModTheSims Owner)
Hi all,
To combat unauthorised logins due to lots of password leaks lately (none from MTS, just other larger hacks elsewhere), I have added an IP address check to the login process. If a login attempt is made and does not match the last few IP addresses you have used, then your account will be locked and you will have to unlock it via email.
This should help prevent (along with the 3 month inactivity timer) unauthorised logins on accounts from hackers who stole credentials from elsewhere.
Remember folks - always try and use unique passwords on sites (using a password manager or so) to prevent one leak compromising your accounts!
Regards
PS No, MTS is not compromised... and no we have not been hacked.
I have been made aware that multiple accounts on ModTheSims and an account on LoversLab have been compromised and several uploads have been altered with new file scripts that attempt to download files from a third-party website.
This is almost certainly malicious. Do not download these files. Do not unzip these files. Do not click or run these files. Do not allow these files to remain on your computer. If you downloaded any of the mods listed below in the past 48 hours, DELETE THEM, RUN A VIRUS SCAN, and CHANGE YOUR PASSWORDS.
This kind of attack should be covered by ModGuard and if you had that installed already then you will likely be okay (but nothing is guaranteed). If you don't have it installed, you should consider downloading it. However, if you did not have ModGuard installed and ran the game with any of the files mentioned above installed, you may be in significant trouble. We do not know the full extent of what the malware is capable of. In a worst case scenario, you may need to wipe your OS and change your passwords from a different, uninfected device.
Note:
ModTheSims has been blacklisted since February 13, 2024 and no links from my site direct to it.
LoversLab has been blacklisted since December 10, 2023 and no links from my site direct to it.
Below is a list of the known infected mods as of 3/2/2026. More Mods that are not listed may be affected.
If you have any of these mods, remove them and follow the Recommended Actions below.
These Mods should be avoided, and removed if you already downloaded them. However, due to gross incompetence by the attacker, we don't believe these malware vectors actually functioned at all. You're still advised to run a malware/virus scan and change your passwords if you think you have downloaded and run these infected mods.
Mods by PurrSimity via Mod The Sims
Mods by jellyheadDimbulb via Mod The Sims
Mods by NateTheL0ser via Mod The Sims
The following Mod is an active, working attack vector. It is a trojan dropper, possibly a crypto miner. ModGuard has detected and blocked over 400 hits from this malicious file. If you ran this mod without ModGuard's protection, you have likely been infected.
Pedrao Virginity System by o_pedrão via LoversLab
Be aware that the malicious uploads now include content intended for The Sims 2. While a ts4script file cannot be used or activated by TS2 in any way, it is still risky to have it on your computer and it does signal a willingness by the hacker(s) to attempt attacks through other games in the series.
In the past, these viral threats have come in waves, so I recommend practicing extreme hesitance regarding installing any new mods or updates from any creator for at least a week. Make sure that any update comes with patch notes, check to see if the creator has mentioned this new upload on social media, and inspect the files inside zips to see if there are new scripts with an unknown purpose.
You can confirm whether you've been infected by checking your Sims 4 install location for a file named "out.exe", or simply "out" if extensions are hidden.
Install location example: C:\Program Files\EA Games\The Sims 4\Game\Bin
Your drive letter and path may vary.
If that file is found, DO NOT RUN IT.
Delete it.
Delete the Pedrao Virginity System mod.
Empty your Recycle Bin.
See the Recommended Actions below.
Unfortunately, the only 100% way to prevent this from happening is by not downloading anything at all until further notice. However, if you choose to risk it, you should at least:
Only download mods from modders you trust. Although, if anyone else gets hacked like MSQSims, it won’t do much good.
Try to download only from the creator’s own website or Patreon where they’re more likely to have Two-Factor Authentication enabled.
If the modder didn’t announce the update, but usually does on one of their platforms, avoid it until they do.
Avoid downloading from new modders that popped up out of nowhere.
At this time, only script mods are at risk. Therefore, beware of any Custom Content that includes a .ts4script, when there’s not supposed to be one (like Mouth Preset N16).
Do NOT download Mod/CC folders (aka CC Dumps) from ANYONE. You should be following this guideline even without the malware risk. The reason for this is that you don’t know what mods are included in them and by the time you download it, the mods are likely outdated/broken. So, always download from the creators themselves so you know exactly what you’re putting into your game.
Download & Install ModGuard: Mod Malware Protection by TwistedMexi.
Although Mac & Linux users aren’t affected by this malware, it’s still recommended for everyone to have ModGuard installed to alert TwistedMexi’s team of any affected mods that aren’t known yet.
Please report any issues with ModGuard in TwistedMexi's Discord.
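The advice above to inspect the files inside zips, and to be wary of Custom Content that ships a .ts4script, can be followed without extracting anything, because a .ts4script is itself a zip archive of Python modules. The Python sketch below is an added example, not part of the original post and not ModGuard's code; the function names, the extension list and the sample archive are constructed for illustration.

```python
import io
import zipfile

# Constructed, non-exhaustive list of file types that have no place in a mod download.
EXECUTABLE_EXTS = (".exe", ".dll", ".bat", ".cmd", ".ps1", ".vbs", ".scr")

def audit_mod_zip(source, expect_scripts, known_modules=()):
    """Inspect a mod download (path or file object) without extracting it.
    expect_scripts: True if the creator describes this as a script mod.
    known_modules:  module names from the last version you trusted, if any.
    Returns (findings, modules), both sorted lists of strings.
    """
    findings, modules = [], set()
    with zipfile.ZipFile(source) as outer:
        for name in outer.namelist():
            lower = name.lower()
            if lower.endswith(EXECUTABLE_EXTS):
                findings.append(f"executable in download: {name}")
            if not lower.endswith(".ts4script"):
                continue
            if not expect_scripts:
                findings.append(f"script in a non-script download: {name}")
            try:  # a .ts4script is itself a zip; read it in memory only
                with zipfile.ZipFile(io.BytesIO(outer.read(name))) as inner:
                    for member in inner.namelist():
                        if member.lower().endswith(EXECUTABLE_EXTS):
                            findings.append(f"executable inside {name}: {member}")
                        elif member.lower().endswith((".py", ".pyc")):
                            modules.add(member)
            except zipfile.BadZipFile:
                findings.append(f"not a valid script archive: {name}")
    if known_modules:  # compare against the last version you trusted
        findings += [f"module not in previous version: {m}" for m in modules - set(known_modules)]
    return sorted(findings), sorted(modules)

def build_sample():
    """Constructed download: a CC package plus a script nobody announced."""
    script = io.BytesIO()
    with zipfile.ZipFile(script, "w") as z:
        z.writestr("example_helper.pyc", b"constructed placeholder bytes")
    download = io.BytesIO()
    with zipfile.ZipFile(download, "w") as z:
        z.writestr("Mods/example_cc.package", b"constructed placeholder bytes")
        z.writestr("Mods/example_cc.ts4script", script.getvalue())
    return download

if __name__ == "__main__":
    for line in audit_mod_zip(build_sample(), expect_scripts=False)[0]:
        print(line)
```

A finding is a reason to hold off and check the creator's patch notes, and an empty list only means none of these specific signs were present.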
If you have installed any of the mods listed above, I HIGHLY recommend that you take the following actions.
If you are affected:
If you had one of these files, assume that any sensitive data on your PC may be compromised and take the steps below:
Run a Virus scan on your PC. This must be done FIRST.
Uninstall Discord and any crypto wallet programs.
Change ALL of your passwords.
Add two-factor authentication when available.
If you had saved credit card or similar information to a web browser, remove it and find out from your financial institution (or other relevant site) what action to take next.
Once you are sure the malware is gone, you may re-install Discord and any crypto wallet programs from a fresh download to clear out any remnants of the malware.
Learn more about keeping your data secure in the future: Read Me.