Embedded Files
📢 Updates Are Currently Paused. More Information Coming Soon.
Home > Game Hub > Graveyard > The Sims 4 > News Feed > ModTheSims Malicious Mods Warning
ℹ️ This Game has been Retired.
ModTheSims Malicious Mods Warning
Updated: November 6th, 2024Posted: November 5th, 2024
Overview
Malware Update
November 6th, 2024At this time, it appears the attack was limited to just the accounts of TwistedMexi and moxiemason. No other hacks have been detected or reported, and there does not appear to be any high-level breach into ModTheSims's systems or staff accounts. The fact that two unrelated MTS accounts were compromised simultaneously appears to have been a coincidence. The staff at ModTheSims have added new security measures to restrict the ability of new and inactive accounts to upload files, which should hopefully stop this from happening in the future.
The following files are the sources of the malware:
Tmex-UI.ts4script
Tmex-Framework.ts4script
twistedmexi__fullhouse_ui_framework.ts4script
moxiemason_nomosaic_uiframework.ts4script
mod.pyc
All of these are fake files with new names that were never part of the original mods, so if you have any of these installed, then you need to take measures to make sure you secure your computer and personal data.
Fortunately, the specific kind of attack is covered by ModGuard and if you had that installed already then you should be okay. This is a great reminder to everyone to install ModGuard!! However, if you did not have ModGuard installed and ran the game with any of the above files installed, you may be in significant trouble. We still do not know the full extent of what the malware is capable of, it appears to be a data scraper. It likely only affects Windows devices. In a worst case scenario, you may need to wipe your OS and change your passwords from a different, uninfected device.
TwistedMexi Statement Via Discord
November 5th, 2024Avoid ModTheSims Downloads Until Further Notice
MTS has not been a valid place to download my mods for over 5 years now, but it appears many script mods on there, both old and new, by multiple creators have been edited by an unknown third party.
The assumption is of course that this is malicious.
We're currently investigating but want to get the heads up out that you should refrain from downloading any mods from MTS currently, especially if it has a recent upload date.
🚨 ModTheSims Malicious Mod Warning
I have been made aware that three mods from TwistedMexi were suddenly updated on ModTheSims after years of that account being inactive.
TwistedMexi have confirmed that he did not upload these himself, and his account must have been compromised.
I have now been made aware that this has affected files purporting to be from moxiemason, too. Also on years old projects that haven't been updated in some time. There is no way to know exactly how many projects or accounts have been compromised at this time.
The only advice I have is to not download ANYTHING from ModTheSims until further notice.
I repeat, do not download ANYTHING from ModTheSims until further notice.
All of these compromised mods have been altered to include a new script called mod.pyc that as of this time we have been unable to decompile. This is almost certainly malicious. Do not download these files. Do not install these files. Do not run the game while they are on your computer.
If you have already installed any mods from ModTheSims in the past 24 hours, DELETE IT immediately, and RUN A VIRUS SCAN on your computer.
Note: Due to the lack of response from the last Malicious Mod Outbreak, ModTheSims has been blacklisted since February 13, 2024 and no links from my site direct to it.
ℹ️ Recommended Action
If you have installed any of the mods listed above, I HIGHLEY recommend the you do the following actions.
If you are affected:
If you had one of these files, assume that any sensitive data on your PC may be compromised and take the steps below:
Run a Virus scan on your PC. This must be done FIRST.
Uninstall Discord and any crypto wallet programs.
Change ALL of your passwords.
Add two-factor authentication when available.
If you had saved credit card or similar information to a web browser, remove it and find out from your financial institution (or other relevant site) what action to take next.
Once you are sure the malware is gone, you may re-install Discord and any crypto wallet programs from a fresh download to clear out any remnants of the malware.
Learn more about keeping your data secure in the future: Read Me.
ℹ️ How to Prevent
Unfortunately, the only 100% way to prevent this from happening is by not downloading anything at all until further notice. However, if you choose to risk it, you should at least:
Download and install ModGuard by TwistedMexi.
Only download mods from modders you trust. Although, if anyone else gets hacked, it won’t do much good.
Try to download only from the creator’s own website or Patreon where they’re more likely to have Two-Factor Authentication enabled.
If the modder didn’t announce the update, but usually does on one of their platforms, avoid it until they do.
Avoid downloading from new modders that popped up out of nowhere.
Do NOT download Mod/CC folders (aka CC Dumps) from ANYONE. You should be following this guideline even without the malware risk. The reason for this is that you don’t know what mods are included in them and by the time you download it, the mods are likely outdated/broken. So, always download from the creators themselves so you know exactly what you’re putting into your game.
Google Sites
Report abuse