Developers of the gacha RPG Duet Night Abyss have apologized for a cybersecurity incident that distributed malware to players' PCs via a launcher update on March 18. The malware, identified as Trojan:MSIL/UmbralStealer.DG!MTB, targets passwords and cryptocurrency. Players receive in-game compensation as the team implements security enhancements.
The free-to-play gacha RPG Duet Night Abyss, developed by Pan Studio and published by Hero Games, experienced a malicious attack on March 18. A patch to the game's launcher, released at 7:39 am UTC on Steam, contained the malware known as “Trojan:MSIL/UmbralStealer.DG!MTB” or “Umbral Stealer.” This infostealer records keystrokes, captures screenshots, and aims to harvest sensitive information like passwords and cryptocurrency wallets. Many players' antivirus software detected and quarantined it promptly due to its age and known signatures. The issue surfaced about 24 hours before the developers' public response on March 19. In a statement on the game's X account, the team noted: “Even after the initial breach, persistent attempts to continue the attack and spread misinformation have occurred. We strongly condemn these actions. As security is a vital pillar of a live product, this incident has served as a serious wake-up call for our team.” As compensation, affected players will receive “Commission Manual: Volume III*5, Prismatic Hourglass*10,” equivalent to ten free random skins. The developers have introduced several security enhancements to prevent future incidents. This marks the second compromise for Duet Night Abyss in a month; a prior launcher attack in late February was less severe, merely urging players to try Genshin Impact instead. Community reactions remain skeptical given the repeated breaches.
