REDLINE Trojan found infecting various unlinked twine projects.

A topic by Queried Seraph created 91 days ago Views: 260 Replies: 4

Hi! I recently found a Redline version trojan virus on my PC, and decided to use Kaspersky Rescue Disk to stop it. I found that various Twine-based games are being targeted by what appears to be a worm program depositing the trojan payload. It seems to mainly, but not exclusively (3/4), target the index.html file, which is very easy to find in the program files.


This is a major issue, as the Redline trojan type can key-log, steal saved login info, and various other nefarious things. Please update your servers, as this vulnerability has been patched for years!

By the way, I am talking to a few Devs about this, and their systems are not infected, so this is purely server-side.

All projects were downloaded exclusively from the Official Desktop Itch client.

Admin(+1)

Are you able to report the pages that you think gave you a virus? I don’t see any open reports on your account. You can find the report link on the bottom of a game’s page.

You mention you think it’s server-side, which doesn’t really make sense to me. Can you explain in more detail why you think that?

Are you sure you didn’t download software from somewhere else?

(1 edit)

The projects are NSFW, so I didn't report them yet. Also, I've talked to some of the Devs, and none have traces of infection on their devices. I believe it's server side due to the fact that the four projects, downloaded to a folder only the desktop official itch client downloads to, were marked as the origin. Whether it's a trojan I got from elsewhere, that found and burrowed into those projects from elsewhere, I don't know. I had several projects made in Twine, but only 4 were infected, and they all were within that folder. The first logged infection in Microsoft Security and Kaspersky Rescue Disk coincides with the update logs to these projects to the minute.


As far as I can tell, either the trojan could only manage those four, and somehow tricked Kaspersky Rescue Disk into believing their origin to be there rather than the true origin, or the trojan viruses were sideloaded with these apps.