UPDATE: The official Dark Souls Twitter account has announced that all PvP servers for the entire series have been deactivated, although Xbox and PlayStation will remain unaffected. The title of this article has been changed following the news of the shutdowns.
The Remote Code Execution (RCE) hack essentially allows the potential attacker to execute arbitrary code on a remote device, meaning they can take control of a player’s PC. The full details of the RCE hack are still unknown, but the Dark Souls community has been aflame with warnings of the problem.
This Twitch streamer appears to have suffered from an RCE attack, and a screenshotted post from a Dark Souls Discord (via The Verge) potentially reveals that the attack was done in a non-malicious way in an attempt to raise awareness of the issue. The user who perpetrated the attack had apparently already tried to contact FromSoftware but didn’t receive a response.
There is some good news amidst all of this, as the popular anti-cheat mod for Dark Souls 3 called Blue Sentinel has been updated to combat RCE hacks. As noted by Reddit user Jonientz, the mod has “code obfuscation to prevent reverse engineering,” which is when the code is made deliberately tricky for humans to understand to protect the game.
According to reports around the internet, only a few players know how to use this RCE hack and are responsible actors, so the likelihood of being impacted without any protection is slim, but the issue could affect other FromSoftware titles.
This means next month’s release of Elden Ring will need protection from RCE hacks, as reports suggest that the same issue has been found in the data mined code for the game. We’ll update the story when we hear from Bandai Namco on the subject.
Currently, it is recommended that Dark Souls 3 players either install Blue Sentinel or play the game in offline mode.