QuantV graphics mod for GTA 5 found to have serious malware that wipes hard drive

GTA 5 players are in fury as paid mod have been found with Trojan viruses (Image via QuantV)
GTA 5 players are in fury as a paid mod has been found with Trojan viruses (Image via QuantV)

The popular graphics mod for GTA 5, QuantV, has been found to possess risky malware files. A primary investigation into the matter has proved the allegations accurate, creating panic among the mod's users as it contains a potential threat that can erase their personal information remotely.

The modding community and its users are dismayed as QuantV is a popular mod that improves the graphics of the gameplay. This article focuses on the findings and threats the malware possesses.

GTA 5 mod found with remote-access enabled malware

Taking to Twitter, the official handle of the FiveM modding team revealed that the news of QuantV containing dangerous malware is true. The mod also offers a version for FiveM. It has been claimed to contain a code that can remotely erase its users’ hard disk drives if the admin wants to.

⚠️ Breaking info:The 'QuantV' graphics mod for GTA V (which also offers a version for FiveM) has been claimed to contain code to remotely wipe files (in case of remote admin decision?)Initial investigation shows these claims are correct.Developing story, more updates soon.

Users reported that a trojan virus with drive exterminator had been found in native DLLs bundled with QuantV. After analyzing a legitimately purchased version of the mod, FiveM found the claims to be valid. FiveM further disclosed, “the offending code is in the 'QuantV.asi' file, which contains oddly obfuscated strings that runs 'rmdir' on an enumeration of drive letters.”

To be precise, the offending code is in the 'QuantV.asi' file, which contains oddly obfuscated strings that, among other things (still to be investigated), runs `rmdir` on an enumeration of drive letters.

Some rumors claimed that the malware was added by some 'leaker' and not the original author. But FiveM did not find such instances to be genuine during their investigation. Further, the investigation uncovered both the enbhelper.dll and QuantV.asi files to contain full disk wipe/HTTP check logic. The malware wasn’t discovered initially, as the compiler settings were different.

Regarding the QuantV situation: we may end up adding code to FiveM to block loading (and recommend removal) of affected versions of this modification, depending on the response of the author.

QuantV is a third-party graphics mod pack for GTA 5. It contains a few DLL plugins to set shader parameters for the ENBSeries shader patching library and helps with making screenshots. Moreover, it is a paid mod that GTA 5 players can purchase from Patreon.

After the reveal, players and users of the mod expressed their anger and disappointment over the issue. Users have labeled QuantV as a "fraud" and "backstabber."

@FiveM Thanks Quant. You just gave the entire GTA modding community a terrible name and backstabbed loyal fans who followed your work. I just paid for malware and was using it for my latest project.Thanks for informing people, FiveM.

Users of the mod are also advised to delete and remove the software from their devices as it poses a potential threat to their personal files.

@FiveM Is this for the latest release or for all?? I’ve been running the june release for more than a month now and I havent seen anything happen, if this is the case for all versions then please let me know so i can delete this shit right quick

The creator of the mod, Quant, has also been reported as being away since the news broke. Their Discord server is also unresponsive and offline. GTA 5 players have accused them of taking their money, giving them malware, and running away.

@FiveM Took the money and ran… I’ve always used NVE, now everyone will be sketched out. QuantV just gave the modding community a black eye. I suggest if you’re running QuantV completely wipe it off your machine.

The incident also made its way to Reddit, where many users were shocked by the news.

GTA 5 players have praised FiveM for bringing the issue to light and executing further investigation. Meanwhile, users are advised not to use the mod, to keep their PCs away from an internet connection, and not to buy any other patches from QuantV.

For comprehensive guides and walkthroughs, check out SK GTA Wiki

Quick Links

Edited by R. Elahi
Be the first one to comment