Are Obfuscated VisuStella Plugins Malware?
Using obfuscated plugins puts game developers at risk, according to a member of the official RPG Maker forums.
In a thread discussing the encrypted VisuStella plugins, Faherya wrote a post pointing out a big problem with them:
1) If you don’t know what’s there, your data and your machine are at risk.
2) If you ignored the first point, you are exposing the machines of the people to whom you plan to distribute the project. And if there is a problem, the responsibility is yours. From virus infections or data leaks, it will be left to you judicially.
3) It is not feasible to carry out tests to find out if the script is doing what it says to do in the best way. Closed source cannot be audited and, consequently, optimized.
The above was posted on August 22, 2020. Unfortunately, further discussion wasn’t allowed. RPG Maker Web saff member and VisuStella team member Archeia closed the thread without giving anyone the chance to address the concerns raised by Faherya.
Obfuscated plugins hide their source code, which means that game developers using them don’t know exactly what the code does. It could be doing anything, from opening up the doors for more elaborate malware, to mining cryptocurrencies in the background, gathering usage statistics or even searching the computer for personal files or data to send to some server somewhere.
To be fair, the obfuscated plugins aren’t likely to be doing any of that, but if they do, and the players of games that use those plugins find out, they are going to blame whoever made the game, not the authors of plugins used in the game.
Even if the plugin authors themselves don’t put malware into their obfuscated plugins, someone could add obfuscated malicious code to one of these plugins and distribute the edited, evil version — and no one would know, because it’s all obfuscated.
If any problem arises, players are going to blame the author of the game.
Do you think the risk is worth it?
79 Comments
Bullshit article.
If things have malware, it being obfuscated or open source doesn’t matter. Your malware detector would be ringing bells the moment it enters the computer.
And cryptomining? Really? FFS Cryptomining requires hours upon hours of a computer being on. Getting people to play RPG Maker games is a challenge by itself. Having them play a session over an hour is an even bigger challenge. Cumulative hours spent doesn’t matter here because that’s not how block chains work.
Want proof that Visustella isn’t putting trojans or stealing data? Download their plugins, put them into your game, test play and press F12 to open up the node js debugger. Go to the network tab and see if anything is even connecting online. If there is, it would be constantly active.
This post is just made by another butthurt user.
Agreed, its a huge stretch to call obfuscated code Malware and is very easily debunked using the network tab in the console.
It is articles like these that make VS seem like a bad group of people when they’re just not, yes the obfuscate their code but that is by no means an evil action, and they’ve mentioned multiple times its to prevent theft, many people have understood this since day 1.
Hey there! I know this is kinda off topic but I was wondering
which blog platform are you using for this website? I’m getting sick and tired of
Wordpress because I’ve had problems with hackers and I’m looking at options for another platform.
I would be fantastic if you could point me in the direction of
a good platform.
Everything is very open with a clear explanation of the challenges.
It was truly informative. Your website is extremely helpful.
Many thanks for sharing!
Keep on working, great job!
Hmm is anyone else encountering problems with the images
on this blog loading? I’m trying to figure out if its a problem on my
end or if it’s the blog. Any feed-back would be greatly appreciated.
Ahaa, its fastidious discussion on the topic of this article here at this weblog,
I have read all that, so now me also commenting at this place.
Howdy! This is kind of off topic but I need some help from an established
blog. Is it very hard to set up your own blog? I’m not very techincal but I can figure things
out pretty fast. I’m thinking about making my own but I’m not sure where to begin. Do you have any tips or suggestions?
Cheers
Malware detectors don’t detect all malware, which is one of the reasons why new malware is developed.
People found malicious code in Github repositories, and even the NPM package manager was used by malicious actors to spread malware to NodeJS developers.
Obfuscated plugins can also be used in the same way. No one claimed VisuStella is doing that, but denying that obfuscated plugins could be successfully used to spread malicious code is just denying reality.
Then there’s the problem of third party actors adding obfuscated malware to obfuscated plugins and spreading the malicious version.
These things do happen in the world outside RPG Maker, and obfuscated plugins are a great way for it to happen in the RPG Maker world too.
Malicious npm package opens backdoors on programmers’ computers
The above proves that malicious code (JavaScript in this case) can indeed be distributed undetected by malware detection software. Note that it was a security researcher from Sonatype who discovered and analysed the package, and not automatic detection software.
The npm docs even have a section on reporting malware people find in packages.
Here’s another source for you to read: Malicious NPM packages target Amazon, Slack with new dependency attacks
As for Github, here’s one: Github uncovers malicious ‘Octopus Scanner’ targeting developers
These are just a few real world examples of malicious code not being detected by anti-malware software.
When you close a conversation… it will still happen, just somewhere else.
I see this article as simply reopening the conversation. And thank you for that.
I will not speak on the technicality of malware. (I am not knowledgeable.) Only that… my browser warns me quite often when I download plugins. That it can potentially be harmful to my computer. (And I’ve downloaded thousands.)
If obfuscation becomes a trend, and there is risk of malware. Then perhaps users need to be conscious where they are downloading their plugins from. And often peak at their network tab in console, while initially testing them.
Yeah, and mine warns me every time I download an RPG Maker game. Doesn’t mean it’s right, just that there’s always a possibility of danger when downloading certain extension types.
I think I’ll trust a tried and true group like Visustella over random people who seem to think that they have any knowledge on the subject when they obviously don’t.
You make a good point about someone adding to code, which is why getting it from the source, which has a history in the community and has built trust over a decade of providing quality content for people to use, is always best.
Fearmongering is above you, my dude. Seriously. You’d have a point if you were talking about random Joe who released a plugin from who knows where, but with an established group who have a name and reputation, it’s a dumb point to make. It’d be non-beneficial to them to ruin their name in the community over something that all naysayers who poke through their code like the vultures they are (and don’t pretend that there aren’t people who have found ways to unobfuscate the code illegally, looking to ‘borrow’) would have found easily enough.
Rumour and lies aren’t a pretty look for you and your friends, buddy.
What rumors and what lies? What fear mongering? The article raises awareness about a security threat posed by obfuscated code.
No. What your article points out is targeting a single plugin maker based off a very broad and limited understanding on how malware works throwing unfounded accusations and providing zero proof to back them up. If you want your article to be a serious article then try doing it based on the actual problem and not just targeting a single creator.
On top of that, you said she closed it without giving anyone a chance to address it? She clearly stated the reason as to why it was closed and then linked the reason as to why it was closed. Once again, please read the entire post before throwing accusations. Next time, just make your article based on malware in obfuscation and don’t target someone who is clearly not doing it and is clearly just doing their job as a moderator of the website.
If you’re messing with plugins then you should know how to read JavaScript. If it’s obfuscated and you feel uneasy about it, then simply don’t buy it. But anti-malware has false positives all the time same with a browser. Every user that still stands by that and doesn’t understand what a false positive is by now is just ignorant. And the fact you’re messing with plugins without knowing what you’re doing makes you double-y ignorant.
As a dlsclaimer, although I was a member of the team of devs hired to port some of the YEP library to VS, I’m not employed by VisuStella and am not an official employee thereof.
…this is not the smoking gun you seem to think it is, and the flimsiness of the argument becomes apparent once you simplify it and extrapolate to other situations. Take someone who doesn’t know a word of JavaScript: if they download a plugin that contains malware, and their firewall/virus scan picks up something malicious, they’re not going to have any more of a clue where it came from than someone using a hypothetically-infected obfuscated plugin. Obfuscation is not in any way connected to ability for a virus scanner to pick up malware, and to imply that it is is to take advantage of those who don’t realise this and take a problem that can exist in anything regardless of obfuscation and lay it as obfuscation’s door as a way of saying it’s a bad thing.
Who said anything about a smoking gun?
The article raises awareness about a real threat posed by obfuscated code. Malware detection software can’t detect all malware, and obfuscated code makes it much harder for people to detect it.
Do you disagree with the statement “malware detection can’t detect all malware”? Do you disagree with the statement “obfuscated code makes it much harder for people to detect malware”?
Obfuscated code slow down game’s performance, anyone who is not stupid will use Mv instead
No, it doesn’t. If you’re finding game performance issues it’s probably because you’ve added a lot of bad implementation of plugins, not the plugins themselves. Please stop spreading lies.
Very nice article. I certainly appreciate this site. Keep
writing!
When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment
is added I get four emails with the same comment.
Is there any way you can remove people from that service?
Many thanks!
I loved as much as you will receive carried out right here.
The sketch is attractive, your authored subject matter stylish.
nonetheless, you command get got an shakiness over that you
wish be delivering the following. unwell unquestionably come more formerly again as exactly the same nearly very often inside case you shield
this hike.
I visited various web sites but the audio quality for audio songs current at this website is actually marvelous.
Hmm it seems like your site ate my first comment (it was super long) so I guess I’ll just
sum it up what I wrote and say, I’m thoroughly enjoying
your blog. I too am an aspiring blog blogger but
I’m still new to everything. Do you have any helpful hints for
novice blog writers? I’d definitely appreciate it.
Hello, its good piece of writing about media print, we all know media
is a great source of facts.
I’ve been browsing online more than three hours today,
yet I never found any interesting article like yours.
It is pretty worth enough for me. Personally, if all web owners and bloggers made good
content as you did, the net will be a lot more useful than ever before.
I couldn’t refrain from commenting. Perfectly written!
Very good post! We are linking to this great post on our site.
Keep up the good writing.
I read this paragraph completely regarding the difference of newest and previous technologies,
it’s remarkable article.
At this moment I am going to do my breakfast, later than having my breakfast
coming over again to read further news.
What’s up colleagues, how is everything, and what you desire to say concerning
this post, in my view its genuinely remarkable in favor of me.
Im sorry, but if you want to be taken seriously, PLEASE write an article that talks about malware in obfuscation and not malware in obfuscation on specific plug in developer.
We have known these devs for more than 10 years, we have downloaded their plug ins time and time again and NO ONE (and I can bet on it) NO ONE has ever had a problem.
I don´t know what your beef with VS is and I dont really care. They develop for the community mostly, and mostly, the communty supports them 100%.
So, a quick answer to Are Obfuscated VisuStella Plugins Malware?: Fucking no.
.
I am sure this paragraph has touched all the internet visitors, its really really fastidious article on building up
new website.
Great beat ! I wish to apprentice while you amend your web
site, how could i subscribe for a blog website?
The account aided me a acceptable deal. I had been a
little bit acquainted of this your broadcast offered
bright clear idea
Thanks so much with regard to giving everyone an update on this issue on your blog. Please realise that if a fresh post becomes available or in the event any alterations occur on the current article, I would consider reading more and finding out how to make good usage of those techniques you discuss. Thanks for your time and consideration of other men and women by making this web site available.
Hi there! Someone in my Facebook group shared this website with us so I came to
give it a look. I’m definitely enjoying the information. I’m
bookmarking and will be tweeting this to my followers!
Exceptional blog and wonderful design and style.
Ahaa, its nice discussion on the topic of this article at this place
at this weblog, I have read all that, so at this time me also commenting
here.
I like what you guys are up too. This sort of clever
work and coverage! Keep up the great works guys
I’ve included you guys to my blogroll.
I always emailed this web site post page to all my
friends, as if like to read it then my friends will too.
Greetings! Very useful advice in this particular post!
It’s the little changes that make the most important changes.
Many thanks for sharing!
Thanks for another fantastic article. Where else may anyone get that type of info in such a perfect method of writing? I have a presentation subsequent week, and I am on the look for such information.
Howdy! This blog post couldn’t be written much better!
Looking at this article reminds me of my previous roommate!
He constantly kept talking about this. I will send this
information to him. Pretty sure he’ll have a very good read.
I appreciate you for sharing!
Great article. I will be experiencing a few of these issues as well..
It is the best time to make some plans for the future and it is time to
be happy. I’ve read this post and if I could I wish to suggest you few interesting things or advice.
Maybe you can write next articles referring to this article.
I wish to read even more things about it!
I’ll immediately seize your rss as I can’t to find
your e-mail subscription link or e-newsletter service.
Do you’ve any? Kindly permit me know in order
that I may subscribe. Thanks.
Ahaa, its good discussion about this article at this place at this blog, I have read all that,
so now me also commenting here.
Greetings from Ohio! I’m bored at work so I decided to check out your site on my iphone during lunch break.
I enjoy the info you present here and can’t wait to take a look
when I get home. I’m surprised at how quick your blog loaded on my phone ..
I’m not even using WIFI, just 3G .. Anyhow, good blog!
I visited many websites but the audio feature for audio songs present at this web page is truly fabulous.
I just could not leave your website prior to suggesting that I really
enjoyed the usual info an individual provide to your guests?
Is going to be back continuously in order to investigate cross-check new posts
It is appropriate time to make a few plans
for the longer term and it is time to be happy.
I’ve learn this post and if I may I want to recommend you few attention-grabbing issues or
advice. Maybe you can write next articles referring to this article.
I desire to read even more things approximately it!
Everyone loves what you guys are up too. This type of clever work and exposure!
Keep up the wonderful works guys I’ve incorporated you guys
to our blogroll.
As constantly we encourage you to completely discuss your choices with your dentist.
You might have heard the term sedation dentistry.” The idea is to assist you unwind during oral work.
You have made some really good points there. I checked on the net
for more information about the issue and found most people
will go along with your views on this website.
It’s the best time to make a few plans for the longer term
and it is time to be happy. I have learn this publish and if I
may I want to recommend you few interesting things or tips.
Perhaps you could write subsequent articles referring
to this article. I desire to read even more issues approximately it!
I really like what you guys tend to be up too. Such clever work and reporting!
Keep up the amazing works guys I’ve added you guys to my own blogroll.
I’ll immediately grab your rss as I can not in finding your e-mail subscription link or newsletter service.
Do you’ve any? Kindly let me recognize so that I may just subscribe.
Thanks.
I enjoy what you guys tend to be up too. This sort of clever work and reporting!
Keep up the amazing works guys I’ve incorporated you guys to my
personal blogroll.
I’ve been surfing online more than three hours as of late, yet
I by no means found any attention-grabbing
article like yours. It is beautiful worth
enough for me. Personally, if all web owners and bloggers made good content as you did, the net might be much more useful than ever before.
I have been browsing online more than 2 hours
today, yet I never found any interesting article like
yours. It’s pretty worth enough for me. In my view, if all
webmasters and bloggers made good content as you did, the net
will be much more useful than ever before.
Its like you read my mind! You seem to understand a lot
about this, like you wrote the e-book in it or something.
I think that you just could do with a few %
to power the message home a bit, however instead of that, that is magnificent blog.
A great read. I’ll certainly be back.
I seriously love your blog.. Very nice colors & theme.
Did you develop this website yourself? Please reply
back as I’m hoping to create my own personal website and would love to
learn where you got this from or just what the theme is called.
Many thanks!
When I initially commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get several
emails with the same comment. Is there any way you can remove people from that service?
Thanks a lot!
Howdy! This post couldn’t be written much better! Going through this
article reminds me of my previous roommate!
He constantly kept talking about this. I will send this post to him.
Fairly certain he’s going to have a very good read. Many
thanks for sharing!
It’s appropriate time to make some plans for the long run and it’s time
to be happy. I’ve learn this submit and if
I may I want to suggest you few interesting things or advice.
Maybe you could write subsequent articles referring
to this article. I want to learn even more things approximately it!
It’s appropriate time to make some plans for the future and it is time to be happy.
I’ve read this post and if I could I wish to suggest you
few interesting things or suggestions. Perhaps you can write next articles referring
to this article. I desire to read even more things about it!
I visited many websites except the audio feature for audio songs current
at this web page is in fact superb.
I nerded tto thhank yyou foor this fantastric read!!
I cedrtainly lovesd egery little bit oof it. I’ve got you sabed as a fawvorite too
loolk aat neww styuff you
I have been browsing on-line greater than three hours these days, yet I never
discovered any interesting article like yours.
It is lovely value enough for me. In my opinion, if all
site owners and bloggers made good content as you did, the net
might be a lot more helpful than ever before.
Everyone loves what you guys tend to be up too.
This sort of clever work and coverage! Keep up the fantastic works guys I’ve
added you guys to my blogroll.
It’s appropriate time to make some plans for the future and it is time
to be happy. I have read this post and if I could I desire to suggest you few interesting things
or advice. Perhaps you could write next articles referring to this
article. I desire to read more things about it!
Its like you read my thoughts! You seem to understand a lot approximately this, such as you wrote the ebook in it or something. I think that you could do with some percent to power the message house a little bit, however instead of that, that is magnificent blog. A fantastic read. I’ll certainly be back.
It’s perfect time to make some plans for the longer term and it is time to
be happy. I’ve read this post and if I could I wish to counsel you few fascinating issues or suggestions.
Maybe you can write subsequent articles referring to this article.
I wish to learn more issues about it!
Way cool! Some very valid points! I appreciate you writing this article and the rest of the website is also really good.
Hi there! Someone in my Myspace group shared this website with us so I came to give it a
look. I’m definitely enjoying the information. I’m book-marking and will be tweeting this to my followers!
Excellent blog and brilliant design.
It is perfect time to make a few plans for the longer term and it is time to be happy.
I have learn this post and if I may just I want to counsel you few fascinating things or suggestions.
Perhaps you could write next articles referring to this article.
I desire to read even more things approximately it!
What i do not realize is if truth be told how you are
no longer really much more smartly-favored than you might be right now.
You are very intelligent. You recognize thus significantly relating to this topic, made me personally believe it
from numerous varied angles. Its like men and women are not fascinated except it’s something
to do with Girl gaga! Your personal stuffs great. Always maintain it up!
It is the best time to make some plans for the future and it’s time to be happy.
I’ve read this post and if I could I want to suggest you some interesting things or suggestions.
Perhaps you can write next articles referring to this article.
I wish to read even more things about it!
Thanks , I’ve recently been looking for information approximately this
subject for a while and yours is the best I have came upon till
now. But, what about the conclusion? Are you certain concerning the supply?
I consider something genuinely special in this web site.