Steam Hardware

22048 readers

722 users here now

A place to discuss and support all Steam Hardware, including Steam Deck, Steam Machine, Steam Frame, and SteamOS in general.

As Lemmy doesn't have flairs yet, you can use these prefixes to indicate what type of post you have made, eg:
[Flair] My post title

The following is a list of suggested flairs:
[Deck] - Steam Deck related.
[Controller] - Steam Controller related.
[Machine] - Steam Machine related.
[Frame] - Steam Frame related.
[Discussion] - General discussion.
[Help] - A request for help or support.
[News] - News about the deck.
[PSA] - Sharing important information.
[Game] - News / info about a game on the deck.
[Update] - An update to a previous post.
[Meta] - Discussion about this community.

If your post is only relevant to one hardware device (Deck/Machine/Frame/etc) please specify which one as part of the title or by using a device flair.

These are not enforced, but they are encouraged.

Rules:

Follow the rules of Sopuli
Posts must be related to Steam Hardware or Steam OS in an obvious way.
No piracy, there are other communities for that.
Discussion of emulators are allowed, but no discussion on how to illegally acquire ROMs.
This is a place of civil discussion, no trolling.
Have fun.

Link to our Matrix Space

founded 4 years ago

MODERATORS

Moxvallix@sopuli.xyz

Fubarberry@sopuli.xyz

148

If you use Emudeck to play Wii U games, you may have malware (sopuli.xyz)

submitted 18 hours ago* (last edited 18 hours ago) by Fubarberry@sopuli.xyz to c/steamdeck@sopuli.xyz

30 comments fedilink hide all child comments

From the Emudeck discord:

@everyone Hey everyone, apologies for the ping but since this is deemed as critical to the security of people's devices here, I will have to. Cemu (The Wii U emulator) was recently compromised by a malicious attacker using a known developers account, this compromise took place from May 6th to May 12th, and introduces malware that is known to steal passwords, SSH keys, GitHub tokens, and likely more they are not fully aware of at this moment. We recommend anybody who is on Linux or SteamOS to go into the EmuDeck app, Manage Emulators tab, Cemu, and click Reinstall/Update, and make sure the hash of the AppImage (Located in Home/Applications, right click Cemu AppImage, go into Properties, Checksums, and Calculate the SHA256 hash) matches the non-compromised version provided by the Cemu developers, if you have used Cemu from the dates I have mentioned, and the SHA256 hash does not match what is listed, assume your system may be compromised if it was ran. If you are on Windows, MacOS, or used the Flatpak version, you are not affected by this malware. More information regarding this attack can be found here. https://rentry.org/cemu-security-psa

The specifically affected packages were:

Cemu-2.6-x86_64.AppImage

cemu-2.6-ubuntu-22.04-x64.zip

you are viewing a single comment's thread
view the rest of the comments

[–] gedfromgont@piefed.ca 11 points 15 hours ago (2 children)

The following files and directories may be created by the malware: /tmp/.transformers /usr/bin/pgmonitor.py ~/.local/bin/pgmonitor.py /etc/systemd/system/pgsql-monitor.service ~/.config/systemd/user/pgsql-monitor.service /tmp/kubectl The absence of these files does not prove that you are safe.

Wouldn't the Steamdecks immutability prevent changes to the filesystem in these folders? After rebooting at least.

[–] afaix@lemmy.world 14 points 15 hours ago (1 children)

Some of the directories are in the home (the tilda ~ means home of the current user) and home directory is not immutable

[–] gedfromgont@piefed.ca 8 points 15 hours ago

You're right, I missed the tilda.

[–] pivot_root@lemmy.world 10 points 14 hours ago

/tmp/kubectl

If someone has kubectl installed on their steam deck, they have more problems than just malware. For example: workaholism.