You might not want to play a Dark Souls game online for a while, trust, you might not be able to do so. According to Dexerto and The Verge, attackers discovered a security exploit in Dark Souls 3 (and possibly Elden Ring) for Windows that allows attackers to remotely execute control and effectively hijack your PC.
Streamers like The Grim Sleeper have experienced the potential harm firsthand; in his case, the intruder launched Microsoft PowerShell and ran a text-to-speech script mocking his gameplay.
The exploiter might not be malicious. According to a post on the SpeedSouls Discord, the hacker attempted to warn developer FromSoftware about the Dark Souls 3 vulnerability but instead turned to compromise streamers to highlight the issue. Only the perpetrator knows how to use it, but a patch for the unofficial Blue Sentinel anti-cheat tool is already available.
PvP servers for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered have been temporarily deactivated to allow the team to investigate recent reports of an issue with online services.
Servers for Dark Souls: PtDE will join them shortly.
We apologize for this inconvenience.
— Dark Souls (@DarkSoulsGame) January 23, 2022
Since then, FromSoftware and its publisher Bandai Namco have responded to the exploit. The player-versus-player servers for Dark Souls 3 and its predecessors have been temporarily disabled while the security team investigates the flaws.
It’s unclear when the servers will reopen, but From and Bandai are clearly not going to restore service until they’re reasonably confident that players are safe.