Mods as security holes?

The irrepressible Raymond Chen recently mused about "security holes" that aren't &endash; that is to say, features which may be misused but don't actually cause security vulnerabilities. While Raymond's blog is always worth reading, this is more about something from one of the comments on this entry. Commenter Erzengel mused that "impersonating a plugin could be an initial delivery system" for malware.

For sure, this is a potential entry vector, and I'm honestly surprised that there are very few if any malware mods out there. Given the number of games where you can actually build mods in C/C++ and have access to the system that way, one would expect that the popularity of the games industry would cause malware authors to flock to the idea.

But as Gresham's Law states that bad money drives out good, so good mods drive out bad ones. I've felt that closed-source, closed development mods have been more or less scorned by the modding community and the gamers who check out pretty much everything out there, which is the first blow. Secondly, what sort of value would the malware mod add for gamers that would encourage them to download and install it? Despite the flaws in them, anti-cheat systems do exist and are commonly used, which would likely rule out any cheat-enabling mods. This means that the mods would likely have to provide real gameplay or "legitimate" (i.e. non-cheating) objects which interest the players.

So while malware mods may exist, and may even increase in number, I highly doubt that they would be effective enough to warrant their development. And given how the malware industry loves to make money off of the suffering they create, the idea of making fake mods to serve as a vector for malware is pretty much relegated to the dustbin.