Dark Souls PvP servers are down as security vulnerability is investigated

Dark Souls 3
(Image credit: From Software)

Update: Following the discovery of a serious security vulnerability in Dark Souls 3, Bandai Namco has acknowledged the problem and temporarily suspended PvP servers on PC.

"PvP servers for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered have been temporarily deactivated to allow the team to investigate recent reports of an issue with online services," the official Dark Souls Twitter account tweeted. "Servers for Dark Souls: PtDE will join them shortly."

This downtime—and the vulnerability itself—doesn't affect any Dark Souls games on consoles.

Original story:

This new security vulnerability in Dark Souls 3, as outlined on Twitter by user @SkeleMann and in multiple threads, including one pinned by moderators, on the Dark Souls 3 subreddit, seems to operate on the level of full-on malware and could pose a serious risk to anyone playing the game in its online mode. The well-respected Blue Sentinel mod, which has been able to counteract similar, if less serious vulnerabilities in the past, has just been updated to address the issue as of this afternoon.

As of writing, it seems that the newest hack is not disseminating out in the wild—its discoverer has demonstrated the vulnerability on-stream and contacted Bandai Namco, but it does not seem to be the case that hackers at-large have access to it yet. Still, better to be safe than sorry and play in offline mode or with the Blue Sentinel patch.

This is not the first time issues like this have cropped up in Dark Souls 3 multiplayer. In 2016, we reported on hacked items being left in users' games by invaders, corrupting their saves, and I recall a similar issue of hacked items existing in the initial PC release of Dark Souls: Prepare to Die Edition. That persistence across multiple games is also worrying with the upcoming release of FromSoft's Dark Souls successor, Elden Ring. I've seen multiple users speculate that this critical vulnerability in Dark Souls 3 could be present in Elden Ring if it uses the same netcode, but that remains unconfirmed.

We hope to see official word from Bandai Namco soon, but even when this vulnerability gets addressed, it's highly alarming that it could even exist in the first place. All of a sudden, Demon's Souls' official servers being shut down leaving offline play the only option seems like more of a feature than a downside.

Associate Editor

Ted has been thinking about PC games and bothering anyone who would listen with his thoughts on them ever since he booted up his sister's copy of Neverwinter Nights on the family computer. He is obsessed with all things CRPG and CRPG-adjacent, but has also covered esports, modding, and rare game collecting. When he's not playing or writing about games, you can find Ted lifting weights on his back porch.