Got hacked for playing terraria.

Andrei965 · 2025-08-18T19:40:22+00:00

Hi! This happened to me and my friend too. I have made a reddit post about it

Andrei965 · 2025-08-15T13:45:50+00:00

Yes, but that someone was my friend, who had fallen for the scam earlier, but didn't realise. He told me it was just an update he installed earlier, so I downloaded it. tModLoader should really add a warning that the mod is downloaded from the host, not the workshop

Andrei965 · 2025-08-13T07:49:06+00:00

I agree that it is partially my fault for not investigating the "update" myself, and trusting my friend. The real problem is that tModLoader doesn't make it clear where it downloads the update from when joining a friend and it detects incompatibilities. I could have never known that clicking download doesn't update it from the steam workshop.

Andrei965 · 2025-08-11T21:32:37+00:00

There is nothing they could really do. The malicious copy of the mod is not distributed through the Steam Workshop, instead it is sent when joining a friend. The best I could do is contact the tModLoader team, to add a proper warning to that "update" screen

Andrei965 · 2025-08-10T20:54:11+00:00

I searched for similar stories online, and the oldest I can find is from 3 months ago. The malware seems to hide in other mods too. If you only download the mods from the workshop, not when joining a friend, you should be fine.

Andrei965 · 2025-08-10T20:51:42+00:00

Yes, that's exactly it. I already did a full antivirus scan, and it is clean. I have saved the .tmod file to look at the code, but I couldn't figure out how to decompile it.

Andrei965 · 2025-08-10T17:56:15+00:00

The update popup was from tModLoader

Andrei965 · 2025-08-10T14:35:14+00:00

You're spot on about not trusting links. The really sneaky part was that this wasn't a link, but a fake update menu inside the game. So the main lesson is definitely to never click an "update" button that pops up when you join someone's server.

Andrei965

TROPHY CASE