Fake Steam Client Urges Users to Disable Antivirus

[Jack]

Advertised on YouTube as a Steam Cracker that allows users to play “all games for free,” the malicious element is actually part of a phishing scheme that targets game serial numbers.

Chris Boyd of GFI reveals that the YouTube page which promotes the shady app urges users to disable their antivirus applications and their firewalls because they falsely detect the program as being a threat.

Of course, this is a real threat, which apparently runs only on Windows Vista or newer versions of the operating system.

The fake Steam client’s installation process is legitimate-looking and real speampowered pages are included, to make everything appear more credible. There are even buttons that point to the genuine Playstation Network ID login page.

While on the surface everything seems legit, in the background, the phony application accesses the registries in an attempt to steal CD Keys.

“The fake Steam client wants the serials of games galore along with more general programs such as design packages, movie players, system defraggers, code tweakers, iPod converters…you get the idea,” Boyd wrote.

GFI identifies the threat as Trojan.Win32.Generic.pak!cobra, but unfortunately, at this time, not all antivirus solutions flag the file as being a Trojan, only around half of them do.

Read more: http://news.softpedia.com/news/Fake-Steam-Client-Urges-Users-to-Disable-Antivirus-265643.shtml

 

[Vextor]

Nice find, although if I want a game I would always buy it, as you can allows you to use the whole features. I also reported the video to YT.
Here is the offending video if anyone wants to report it:

WARNING: LINK CONTAINS LINKS TO VIRUSES. BE CAREFUL.
https://www.youtube.com/watch?v=Z-LkoyMbZOU

 

[jamescv7]

That's a clever tactics on it since the steps were made to convinced especially that the program is a FP by the owner of video said.

Glad that security firm managed to detect quickly.

 

[WinAndLinuxTutorials]

Not being a gamer has many advantages

 

[MiamiBreeze545]

Hopefully more gamers would be more aware of these new tactics that would compromise their security.

 

[Ink]

WARNING: LINK CONTAINS LINKS TO VIRUSES. BE CAREFUL.
/watch?v=Z-LkoyMbZOU

VT Result : 35/42

 

[jamescv7]

One good thing that files likely to be categorized as warez/cracks/keygens were commonly detected by AV's however some were claiming to be a FP so the better choice is stay away for it.

 

[Jack]

Steam (in fact Steam games) can't be cracked to actually work online... is that simple ...
Valve had a brilliant strategy when they've created this game client.... everything is checked when you login and you can access you data from everywhere... And games have evolved and now a Single Player campaign is often worse than a Multiplayer Online gameplay. ... It's just brilliant and this is the best way to fight piracy...
This attacks aren't new and if go on TPB and search for "Steam" .. you'll find 'Steam cracked with 100 Games' ..... and as GFI reported (and we knew) this are nothing more than social engineered attacks.

 

[Vextor]

Actually, there are working cracks, but they aren't very good. I've tried them and they DO work.