Dark Souls 3 security issues that brought the servers down were reported months ago

DS3
(Image credit: FromSoftware)

The Dark Souls 3 security issues that resulted in its PvP servers being pulled offline have been brewing for a long time, according to the person who brought it to the public's attention with a high-profile exploit.

According to an interview with Fanbyte, the person behind the January attack - which consisted of crashing a streamer's game then causing their computer to read off some copypasta text via Windows' text-to-speech function - goes by nrssr for privacy reasons. They pulled off the hack to raise awareness of a critical security flaw they had privately raised with Bandai Namco customer support early in December 2021. A response from the support team said it would pass along nrssr's report to security teams working on the game, but it seemingly took its time.

“Given FromSoftware’s track record about fixing exploits in their online games, I was not expecting them to act quickly,” nrssr told Fanbyte. “I wanted to make sure the community had some form of protection ASAP.”

This issue is especially troubling because it allows hackers to take control over the functions of their victim's system even beyond the confines of the game; in IT security parlance, it's a Remote Code Execution (RCE) vulnerability. Fortunately, nrssr says they only exploited this vulnerability the one time to raise attention and have never released the info on how to replicate it to the public.

The bad news is that other community security researchers have found the same underlying vulnerability in the code for Elden Ring's previous network test, according to nrssr. That doesn't mean it will lead to the same issues, since the way Elden Ring functions might not allow for a similar exploit. Even if it does, FromSoftware may be furiously patching the problem right now because of all this fresh public attention.

We reached out to Bandai Namco earlier this week to see if it had any response to these Souls-related security concerns and have not yet heard back from the company.

Another security modder fears the Elden Ring release day may be "a hellscape" due to the re-emergence and exploitation of known security issues from previous games.

Connor Sheridan

I got a BA in journalism from Central Michigan University - though the best education I received there was from CM Life, its student-run newspaper. Long before that, I started pursuing my degree in video games by bugging my older brother to let me play Zelda on the Super Nintendo. I've previously been a news intern for GameSpot, a news writer for CVG, and now I'm a staff writer here at GamesRadar.

Read more
Elden Ring Nightreign screenshot showing a monstrous, terrifyingly large enemy
The first Elden Ring Nightreign network test "has ended" after a few disastrous hours, and "an additional network test is being considered" to make up for it
Elden Ring Nightreign
Elden Ring Nightreign network test starts with a stumble as PlayStation servers go down for maintenance just as it begins
Elden Ring Nightreign screenshot which shows the new Limveld environment from a high vantage point
As Elden Ring Nightreign's network test servers struggle, I'm stewing in the shame of my catastrophic first run
Elden Ring's seamless co-op modder takes their talents to Dark Souls 3, letting you "play with friends" from start to finish with "no resummoning or interruptions"
Final Fantasy 14 Dawntrail screenshot featuring character Y'shtola Rhul, a Miqo'te woman with white hair framing her face and cat-like ears
Final Fantasy 14: Dawntrail helped players block stalkers, but the problem might get much worse with a backend exploit some mods are already taking advantage of
Bloodborne
"Let me cope": Bloodborne 60fps mod creator hopes the remake is real this time as Sony seemingly sends a DMCA after yet another fan project
Latest in Action
Yasuke looking over the water to a shrine during sunset in Assassin's Creed Shadows
Assassin's Creed Shadows has an entire island stuffed with adorable kittens you need to check out, and it's based on an actual Japanese cat paradise
Assassin's Creed Shadows review gameplay showing Yasuke overlooking the sea and lush green scenery
Assassin's Creed Shadows has already "surpassed the launches of AC Origins and Odyssey" with 2 million players and counting
God of War 3
God of War PSP's seamless loading was only possible because a Jak & Daxter game was also running in the background
MindsEye
GTA veteran's new open-world game will belong to everyone – almost like a wild mix of Roblox and Minecraft servers: "It won't just be ours"
Bill getting teary-eyed in The Last of Us
A potential The Last of Us season 1 plot hole has sparked a lot of debate among the fans
Assassin's Creed Shadows Naoe "justice must be served" or "killing them isn't justice" Yaya and Mistumune choice
Should you side with Mitsumune or Yaya in Assassin's Creed Shadows?
Latest in News
A screenshot from MindsEye showing a character leaning out of a car, shooting another car with a gun.
GTA veteran says the games industry needs to "get smarter" about what people actually want: "There are so many games, and I think we're starting to feel the effects"
Posing with a rifle in the Fallout 76 Ghoul update
Fallout 76's art director "had to fight really hard" so Bethesda would make the MMO's map bigger than Skyrim's
Minecraft movie image of Jack Black as steve
Don't expect Minecraft to go free-to-play anytime soon, as Mojang says "It doesn't really work with the way we built it"
Yasuke looking over the water to a shrine during sunset in Assassin's Creed Shadows
Assassin's Creed Shadows has an entire island stuffed with adorable kittens you need to check out, and it's based on an actual Japanese cat paradise
phase zero key art showing zombies in a hallway
Former Witcher 3 and Dying Light devs reveal their Resident Evil homage, complete with PS1-style fixed cameras
Shadow of Mordor's Nemesis System was only created because WB Games wanted something to combat Batman Arkham Asylum's second-hand sales, exec says