Unity Fixes Mobile Vulnerability That Could Risk Crypto Users
Unity Technologies has addressed a critical flaw in its gaming engine that could allow unauthorized access to Android users, particularly affecting crypto gamers.
Unity Technologies has released a patch to address a vulnerability that enabled the execution of malicious code in Android games, threatening crypto users. The security flaw, exposed in June, was acknowledged as a potential risk, leading Unity to implement necessary fixes by Friday.
Larry “Major Nelson” Hryb, Unity’s Director of Community, shared a security advisory outlining the dangers associated with the vulnerability, which included potential access to sensitive information on devices using Unity applications. He noted, however, that there was no evidence indicating that the flaw had been exploited or that users were adversely affected.
Cointelegraph was among the first outlets to report on this security issue. Sources indicated that the bug affects projects initiated as far back as 2017, impacting not only Android games but also those on Windows, macOS, and Linux platforms.
A representative from Google advised developers to update their applications promptly, emphasizing the importance of deploying the patched Unity Editor before the next build.
Unity Recommends Developers Update Their Tools
Developers should utilize the updated Unity Editor to rebuild their games accordingly. Keeping apps updated is crucial for their users’ security.
Mobile gamers are also encouraged to maintain up-to-date devices, enable automatic updates, and ensure that their antivirus software is current.
RyotaK, a security researcher from GMO Flatt, noted that the vulnerability allowed malicious applications on the same device to hijack permissions granted to Unity apps, enabling potential remote code execution.
Among Us is a popular game created with Unity
Among Us is a popular game created with Unity. Source: Epic Games
In addition, Microsoft issued a security alert indicating that their game development teams are actively working to update any affected games, although console games remain unaffected. Windows Defender is also upgraded to enhance protection against this vulnerability.
Various game developers, including Obsidian Entertainment, have removed several titles from digital storefronts while they apply the necessary fixes.
