Cities: Skylines mods banned for blocking users, potentially enabling malware

A swirl of mostly untrue rumours

Complicating matters somewhat is a sea of rumours about what else the mods contained, and a series of counter-allegations about Colossal Order from the creator of the mods.

These mods were both created by a user who works under the name Chaos, or sometimes Holy Water. Allegationsappeared a few days agothat some of this users mods contained “malicious code.”

This code was apparently also included in “Harmony (Redesigned)”, a framework mod that many other mods depend upon. Chaos reportedly forked a build of Harmony to create his own variant, called Harmony (Redesigned), which contained the new code. Rumours swirled around the allegations that this revision of Harmony, which was extremely popular, contained a keylogger and a secret automatic updater inside it that could have allowed malware to be installed on users' computers.

Colossal Order say this isn’t the case, ina message posted on Steam. “No keyloggers, viruses, bitcoin mining software, or similar has been found in mods on the Steam Workshop,” says the post.

Instead, the post explains that the mods banned were Network Extension 3 and Update From Github, for the reasons mentioned above.

“‘Network Extensions 3’, the mod alleged to contain malware, was banned due to discriminating against specific Steam users,” says the post. “First, it blocked a short list of Steam users from using the mod, but this was later changed to cause what appeared to be buggy gameplay. Blocking users or creating specific restrictions for them violates the Steam Subscriber Agreement and such resulted in the mod being banned.”

All of which would be complicated enough, except that the mod creatorclaims that it’s actually Cities: Skylines which contains a keylogger. Specifically he points to features in the game’s code seemingly designed to send telemetry - data related to player in-game actions - back to developers. It’s common for developers to gather telemetry from players in order to help them refine and improve games, but Chaos, posting under the name “I found Colossal Order Keylogger”, alleges this data is not anonymised and is being linked to users' Paradox accounts.

Chaos also refers to Colossal Order’s banning of his mods as a “digital stoning” designed to discredit him. The posts are vitriolic, and telemetry is about as commonplace as forum drama in mod communities so the accusations seem absurd to me. Regardless, I have reached out to Colossal Order for further comment.