Download SimsVirusCleaner.exe from their github page linked here and run it. This program should work even if you downloaded the malware outside of CurseForge. To quickly remove the malware from your computer, Overwolf has put together a cleaner program to deal with it. We are unware at this time if the malware has any function which would delete the file at a later time to cover its tracks. If there is a file in this folder called Updater.exe, you have unfortunately fallen victim to the malware. This will open up the folder the malware was using. Enter %AppData%/Microsoft/Internet Explorer/UserData in the prompt and hit OK. To quickly check if you have been compromised, press Windows + R on your keyboard to open the Run window. Thank you to anadius for decompiling the exe. If the exe file was downloaded and executed on your Windows device, it has likely stolen a vast amount of your data and saved passwords from your operating system, your internet browser (Chrome, Edge, Opera, Firefox, and more all affected), Discord, Steam, Telegram, and certain crypto wallets. "Seasons Cheats Menu" uploaded to The Sims Resource by MSQSIMS (hacked, real account)ĭue to this malware using an exe file, we believe that anyone using a Mac or Linux device is completely unaffected by this. "Weather and Forecast Cheat Menu" uploaded to The Sims Resource by MSQSIMS (hacked, real account) "Social Events - Unlimited Time" uploaded to CurseForge by MySims4 (single-use account) "Cult Mod v2" uploaded to ModTheSims by PimpMySims (impostor account) To recap, here are the mods we know for sure were affected by the recent malware outbreak: The Sims After Dark Discord Server has posted the following Info regarding the Issue: These Days some Mods containing Malware have been uploaded on various Sites. That's all I have for you! Stay safe, and happy Simming! □□ If I can't do that, I see if it was shared via Drive, look at the individual files themselves, then head to the original CC creator's official download page and get it from the source. If I see a Sim dump with CC that I'm interested, I try to reach out to the poster and ask where they got specific CC. Here's how I like to approach it: I stick to lookbooks and combing through the Patreons/accounts of creators who make items I like. So even after this issue is resolved, you really should only download files from the creators themselves. Two of them were even posted from a trustworthy creator's actual account! The only way to know what they actually do is to peek into the code, and idk about you, but I don't know Python. Make no mistake, the malicious files in question look like run-of-the-mill, everyday mods.
In fact, I appreciate the amount of effort people put into compiling these resources! But unless you're super careful (and super knowledgeable), you run the risk of downloading malware like this on your computer. This does not mean that anyone sharing them is doing so maliciously.
This includes Sim dumps, building/lots with CC, mod folders promoted on YouTube, etc. Please STOP downloading mod file folders from people who did not create the specific mods. I want to talk about how we approach modding our games and downloading files in general.
It's always a good idea to change passwords every couple of months or so, but if you think you've been affected, you also need to change your passwords for things like online banking, email and social media accounts, healthcare sites AFTER running the cleaner. Identity Theft: What It Is, How to Prevent It, Warning Signs and Tips - NerdWallet This is very, very serious, and could wreck your life if said data/personal info falls into the wrong hands. Lots of theories are being made by people far more knowledgeable than me, but from the looks of things, could be crypto bullshit and/or an attempt to steal your data and sell it. Mac and Linux users seem to be safe Windows users are the ones that could be affected.As of right now, antivirus software may not be able to detect the malware.If downloaded, these malicious mods have the ability to steal very sensitive info (your passwords, credit card info if saved somewhere in your browser, data).had their account compromised on 2 of those sites (they are a victim of hacking, so do not send them hate!).Fake mods were uploaded to Curseforge, ModTheSims, and The Sims Resource.