The creator of a popular but unauthorised Final Fantasy XIV mod has admitted to including malware that can shut down a user’s PC. Gshade, a mod that allows users to tinker with the MMORPG‘s visuals, contains code that restarts a PC if the mod is used in other capacities, such as the creation of additional mods that could alter gameplay dynamics.
The use of mods in Final Fantasy XIV is strictly prohibited by Square Enix’s terms of service, something that pro raid team UNNAMED_ got a lesson in just a week ago after using unsanctioned add-ons to win the Race to World’s First in the Omega Protocol Ultimate raid.
Gshade is similarly prohibited, but doesn’t do anything nefarious under normal circumstances. In fact, it’s often used by players with various forms of colour blindness to adjust lighting and UI elements that would otherwise be indistinguishable.
However, the mod’s creator, who goes by Marot, has now revealed that they had deliberately included malware in Gshade’s code, as GameRant reports. In leaked Discord messages, Marot says the malicious code activates when a third-party application attempts to call functions from Gshade, and restarts the client computer.
“This was meant to be a lesson,” Marot says, speaking to another modder. “Anything could have been in the payload and you’d have been responsible for distributing it to people and triggering it.”
Unsurprisingly, this hasn’t gone over as a simple teachable moment from modder to modder in the broader Final Fantasy XIV community. Marot has now been banned from at least one fan Discord server and the FFXIV subreddit has retracted its endorsement of Gshade. The mod has also reportedly been removed from coding repository Github, pending an investigation.
However, the episode does serve as a cautionary tale and a reminder that modding games always carries with it a certain amount of risk – unless you have the know-how to review a mod’s code line by line, there’s always the possibility that something malicious could be hiding in there.