- Sales & CRM
- Business Intelligence
Security experts have uncovered 'Steam Stealer' malware suspected of hijacking 77,000 Steam accounts per month.
Steam Stealer, discovered by Kaspersky researcher Santiago Pontiroli and independent researcher Bart P., has been observed in the wild in almost 1,200 instances.
Valve reports that almost 77,000 Steam accounts are stolen or compromised every month, and while some will be the victim of social engineering and spear-phishing campaigns, Steam Stealer and its variants are now suspected to be behind the vast majority of them.
The malware is believed to have been developed by Russian-speaking hackers and is sold for around £20 - much cheaper than the average malware package.
Supplied on a 'Malware-as-a-service' model, the packages contain detailed manuals and documentation and are designed to be easy to use.
Malicious packages are often distributed by fake web pages, or by direct messaging a Steam user and tricking them into opening a file with a malicious payload.
The software then exfiltrates their Steam config files and sifts through them to find the Steam KeyValue file - which contains login credentials - and the information maintaining a user's session.
Having gained control of the account, criminals can then flip the accounts for around £10 on the black market, giving the purchaser access to the original user's library of games and collectable inventory items.
The largest markets for compromised accounts appear to be in Russian and Eastern European territories, although instances have been observed worldwide.
"The gaming community has become a highly desirable target for cybercriminals," Pontiroli said. "There has been a clear evolution in the techniques used for infection and propagation, as well as the growing complexity of the malware itself, which has led to an increase in this type of activity."
Robust security solutions have been recommended as a good way to prevent cybercriminals from exploiting users' accounts, although Valve itself offers account protection services, in the form of its Steam Guard authentication tools.