Store Page
Downfall - A Slay the Spire Fan Expansion
All Discussions Screenshots Artwork Broadcasts Videos News Guides Reviews

Downfall - A Slay the Spire Fan Expansion

Store Page
Michael Mayhem  [developer] Dec 26, 2023 @ 2:22pm
Downfall Breach Information (Official)
Hello all, apologies that it took us this long to get an official update out here. The steam accounts themselves were also compromised, so we could only post unofficially.

Yesterday, Table 9 Studio experienced a security breach, at which time an entity replaced our games with malicious software. At the current moment, we know of only 3 users across all of our games that were affected.

The breach window was brief, but every minute is a minute longer than is acceptable. It affected only the main branch of standalone downfall, not the Workshop in any way. The signature that you were impacted would have been a Unity library installer firing off when you tried to launch Downfall (and had recently updated that morning). The time of the breach was roughly 12:30 PM Eastern, probably a little after that considering it takes time for Steam clients to detect an update, lasting until about 1:30 PM. If you were already playing and had seen the game, you're fine, the breach deleted the actual game and replaced it with something else. If you believe this to be affecting you, please contact me on Discord at mikemayhemdevthesecond (a separate account as my main also was compromised as part of the breach). We have some additional information that may help secure you.

We've had reports that the hacked upload was caught by most live protection, including built in Windows Defender, which is good. But, if you did see that Unity library installer, you are unfortunately at risk. If you are, then recommendations at this time are to change important passwords if you are not on 2FA. Sign up for 2FA if you haven't already (that automatically prevents attacks like this from ever working). Run an antivirus scan of your choosing (I use BitDefender, it's free).
Last edited by Michael Mayhem; Jan 15, 2024 @ 5:06pm
< >
Showing 1-15 of 17 comments
Michael Mayhem  [developer] Dec 26, 2023 @ 2:53pm 
I have a made a more thorough announcement here:
https://steamcommunity.com/app/1865780
Last edited by Michael Mayhem; Dec 26, 2023 @ 2:53pm
#1
POOPFART Dec 26, 2023 @ 3:33pm 
So if we updated the game yesterday but didn't launch it, we're in the clear, correct?
#2
Michael Mayhem  [developer] Dec 26, 2023 @ 3:36pm 
Correct. Updates did not trigger anything by themselves.
#3
Cyrus Dec 27, 2023 @ 1:15pm 
I uninstalled the game a few days ago (got the missing executable error and checked discussions to see if anyone was having the same issue) when I saw the posts in this discussion forum and manually deleted the downfall folder from my Steam folder. Went to reinstall after the above official post said it's safe to play again and now I'm getting this error when trying to launch. "Steam/steamapps/common/downfall - a slay the spire expansion/jre/bin/javaw.exe" missing executable, unable to launch. Verifying files doesn't fix the missing file.

Currently Downfalls install size says it's 0 bytes.
Last edited by Cyrus; Dec 27, 2023 @ 1:21pm
#4
Cyrus Dec 27, 2023 @ 1:16pm 
I don't have Slay the Spire original installed, maybe I need to reinstall that then do Downfall.
#5
Splash Dec 27, 2023 @ 2:52pm 
my Downfall is still killed and while the situation got i fixed i still can't play Downfall is there gonna be any update roll out to automatically fix the issue?
#6
Michael Mayhem  [developer] Dec 27, 2023 @ 4:37pm 
If you experienced a missing .exe issue, try uninstalling and reinstalling. This particularly seemed to be a problem for Mac and Linux users but should now be resolved.
#7
Vesperan Dec 27, 2023 @ 7:09pm 
Did the malware affect Mac users? We had a Mac try to play the game 2 days ago and it didnt work - but I'm afraid I can't recall the error. I will run anti virus etc anyway, but any info on this front would be appreciated.

Thanks as well for the updates on the store page and here, I appreciate them and the heartache this will have caused you/the Devs. Ironically, I've never played Downfall - its my wife's game..
#8
Michael Mayhem  [developer] Dec 27, 2023 @ 8:26pm 
Originally posted by Vesperan:
Did the malware affect Mac users? We had a Mac try to play the game 2 days ago and it didnt work - but I'm afraid I can't recall the error. I will run anti virus etc anyway, but any info on this front would be appreciated.

Thanks as well for the updates on the store page and here, I appreciate them and the heartache this will have caused you/the Devs. Ironically, I've never played Downfall - its my wife's game..

No, it doesn't look like the malware could affect anything but windows as far as we could tell. No reports of an affected Mac thus far.
#9
seungji5131 Dec 28, 2023 @ 4:36am 
I just saw this news and uninstalled it. But somehow I can't re-install it back.
I think I updated yesterday but not launch it. How can I play the game?
It says I don't have authority to install it back. Please let me know
#10
mikemayhemdev Dec 28, 2023 @ 1:04pm 
Originally posted by seungji5131:
I just saw this news and uninstalled it. But somehow I can't re-install it back.
I think I updated yesterday but not launch it. How can I play the game?
It says I don't have authority to install it back. Please let me know
Do you still own Slay the Spire?
#11
Rhazya Dec 31, 2023 @ 3:40am 
It seems that the virus came back so i guess the original trojan is still somewhere out there. Any idea where it might be coming from? Since i barely use this computer and didnt reinstall the game, i guess it means the original is still there. I was added by michael mayhem on steam, i assume it was the hacker as well?

I feel i am being taregetted at this point, so i'd like any new info about what might be trigering all this. Downfall is uninstalled. Only thing i did is discord, steam and epic. Might it be embedded in steam? Is it something possible? And it was the same unitylib thing. This time a fair bit bigger, for whatever reason.
#12
mikemayhemdev Dec 31, 2023 @ 12:57pm 
Originally posted by Rhazya:
It seems that the virus came back so i guess the original trojan is still somewhere out there. Any idea where it might be coming from? Since i barely use this computer and didnt reinstall the game, i guess it means the original is still there. I was added by michael mayhem on steam, i assume it was the hacker as well?

I feel i am being taregetted at this point, so i'd like any new info about what might be trigering all this. Downfall is uninstalled. Only thing i did is discord, steam and epic. Might it be embedded in steam? Is it something possible? And it was the same unitylib thing. This time a fair bit bigger, for whatever reason.

I did add you as well as anyone else who reported they were affected to give a more direct and non-public line of communication. If you haven't got it already, I would recommend getting BitDefender and letting it run a sweep. So far, reports from users with BitDefender reported it found and deleted the trojan without issue, while other security and anti-malware suites did not. Once you have BitDefender installed and it is sweeping, disconnect that hardware from the internet. If possible, install it by downloading to a USB stick on another computer or something like that so you can stay off the internet completely.

You should also be changing any passwords for anything that may have been stored on that computer, saved in the browser, or were currently authenticated (meaning currently logged in). But do not do this on the affected machine if possible.
Last edited by mikemayhemdev; Dec 31, 2023 @ 12:59pm
#13
xavixavieri Jan 5, 2024 @ 11:46pm 
Hi, I am affected by this and only found out about the problem recently. I had removed the appdata files and disabled the windowsappmanager trojan. I am running malwarebytes now, is there anything else I should do or have a lookout for? Thank you
#14
Critical Mass Jan 8, 2024 @ 11:55am 
Was the malware attached to updates for the Downfall mod or to the base game of Slay the Spire?
#15
< >
Showing 1-15 of 17 comments
Per page: 1530 50

Downfall - A Slay the Spire Fan Expansion > General Discussions > Topic Details
Date Posted: Dec 26, 2023 @ 2:22pm
Posts: 17

Discussions Rules and Guidelines