DLSS Swapper creator issues malware warning over user-submitted DLL libraries

Pro tip: DLSS Swapper can be an undeniably useful tool, providing significant improvements to real-time graphics quality. As the program’s author recently reminded users, people should be very careful when dealing with DLL components from unverified sources. Just download the official package and be done with it.

DLSS Swapper author Brad Moore revealed that some people are attempting to compromise the program by uploading potentially malicious DLL files. These unnamed actors are exploiting DLSS Swapper’s design, which uses Manifest Builder repositories to provide access to a broader range of upscaling releases.

Moore said the custom DLLs are being submitted as commits with generic comments such as, “This fixed it for me.” DLSS Swapper relies on a manifest file to track supported upscaling libraries, including Nvidia’s DLSS, AMD’s FSR, and Intel’s XeSS technologies. A Manifest Builder can process these user-provided DLLs and generate a manifest file that DLSS Swapper can use to support the additional libraries.

Officially supported DLLs are thoroughly vetted before being included in a DLSS Swapper release. However, Moore warned that DLLs distributed by third parties should be considered potentially dangerous. The developer provided a sample of one such file, which VirusTotal identified as malware.

DLSS Swapper has become a popular tool for replacing the upscaling libraries that ship with PC games. The open-source utility also lets users add newer versions of DLSS to older titles, enabling new modding possibilities thanks to the growing adoption of upscaling technologies among GPU manufacturers.

Support for custom DLLs could be an interesting addition, allowing DLSS Swapper to recognize previously unknown DLSS, FSR, or XeSS revisions stored on users’ drives. However, as Moore clearly explains, the feature can also become a security liability if users don’t stick to officially supported DLLs.

Dynamic-link libraries can have names other than the traditional “.dll” extension, but they are almost always executable files capable of carrying either additional functionality or malicious code. Microsoft introduced the DLL concept for shared libraries during the OS/2 era, and the technology continues to pose security challenges decades after its debut.

As a power-user utility focused on tweaking 3D graphics performance in modern games, DLSS Swapper has been targeted by cybercriminals before. Moore previously warned users against downloading the tool from untrusted third-party websites, where scammers have impersonated the official source in an attempt to distribute malware and other malicious software.

Source: www.techspot.com

Add Comment