CoinFractal - The Latest Crypto Market News & Insights
Gaming

Project Zomboid Mods Were Hiding Malware — 14 Music Packs Banned After Installing Malicious Files on Up to 2,200 PCs

Photo of Michael Johnson Michael Johnson2 mins ago
0 1 minute read

If you’ve been modding Project Zomboid recently — and let’s be honest, the game’s mod scene is one of its greatest strengths — you need to stop and read this. Developer The Indie Stone has identified and permanently banned 14 Steam Workshop mods that contained “heavily obfuscated code” creating malicious files outside the game’s directory on infected machines.

The breach was caught after multiple players flagged a suspicious mod yesterday. The Indie Stone investigated, confirmed the reports, then discovered the same user had quietly uploaded 13 additional compromised mods under the same exploit. Combined, the mods had been downloaded and run on somewhere between 500 and 2,200 devices before they were taken down.

Which Mods Are Affected?

All 14 mods belonged to a music replacement series called “True MoooZIC,” adding soundtracks from popular games and media to Project Zomboid. The full list includes Risk of Rain 1 & 2, Nier: Automata, Katana ZERO, Persona 5, Jujutsu Kaisen, Hotline Miami 1 & 2, Silent Hill, Cowboy Bebop, Metal Gear Rising: Revengeance, Classic Roblox, Deltarune Ch3+4, and Minecraft Alpha+Beta.

If any of those names ring a bell from your mod list, treat your system as compromised.

The Critical Detail: Uninstalling Is Not Enough

This is the part that matters most. The Indie Stone has explicitly stated: “Simply uninstalling the mods is not sufficient.” The malicious files were written outside the Project Zomboid directory — meaning they persist after the mods are removed. Players who downloaded any of the affected mods are strongly advised to take comprehensive security measures: run full antivirus/malware scans, consider credential resets for anything sensitive accessed on the infected machine, and investigate what exactly was written to their systems.

CoinFractal - The Latest Crypto Market News & Insights

The exploit only affected Build 42 branches (the current unstable testing release). Players still on the stable Build 41 branch were not vulnerable.

The Indie Stone says the malicious user has been banned and all affected mods removed from the Workshop. An investigation into what the files were actually doing is ongoing. We’ll update this post as more information becomes available.

Bottom line: Check your mod list. Run a scan. Don’t assume the uninstall button saved you.

Tags
Photo of Michael Johnson Michael Johnson2 mins ago
0 1 minute read
Show More
CoinFractal - The Latest Crypto Market News & Insights
Photo of Michael Johnson

Michael Johnson

Michael Johnson is a content strategist and editor with expertise in gaming, technology, and digital media. He leads content operations at Brand Contractors and contributes regularly to BizzNerd.
Back to top button

Privacy Preference Center

Consent Management

Necessary

Advertising

Analytics

Other