From Fun to Exploit: The Dark Side of UGC
Stage 3 - Confex Level 1
Talk
~All~Research & EducationTech & Coding
Information
User Generated Content (UGC) powers modding communities across games like Minecraft, Skyrim, and Cyberpunk 2077. But what happens when a mod isn't what it seems? This talk reveals a real proof-of-concept mod that quietly exfiltrates system data - and how it passed every platform scan, approval, and antivirus check.
We’ll walk through how it was built, deployed, and tracked, using only public tools and game APIs. Then, we’ll introduce a new open-source tool - ModSentinel - built to help secure this ecosystem.
This talk isn't just about games - it's about overlooked supply chains, static analysis gaps, and the wild security frontier of player-made code.
Security best practices, towards UGC companies wanting to keep their players safe.
Target Audiences
Target Audience Security professionals, developers working with modding platforms, toolmakers, QA engineers, and technical leaders in game publishing - as well as any technically curious attendees interested in the intersection of gaming, user-generated content, and security.
Experience Level
Beginner
Key Take Aways
UGC mods can be exploited as malware vectors, and most major platforms lack the detection or validation to catch them.
A real-world proof-of-concept mod was published to a trusted platform - with malicious code - and triggered no warnings.
Modding platforms, developers, and publishers need better tooling, policy, and source verification pipelines.
Learn how attackers think, how mods bypass platform checks, and what can be done to stop them.
Actionable insights for toolmakers, UGC ecosystem leads, and security-conscious devs to start protecting their players now.
Session Type
Talk
