Advertised on YouTube as a Steam Cracker that allows users to play “all games for free,” the malicious element is actually part of a phishing scheme that targets game serial numbers.
Chris Boyd of GFI reveals that the YouTube page which promotes the shady app urges users to disable their antivirus applications and their firewalls because they falsely detect the program as being a threat.
Of course, this is a real threat, which apparently runs only on Windows Vista or newer versions of the operating system.
The fake Steam client’s installation process is legitimate-looking and real speampowered pages are included, to make everything appear more credible. There are even buttons that point to the genuine Playstation Network ID login page.
While on the surface everything seems legit, in the background, the phony application accesses the registries in an attempt to steal CD Keys.
“The fake Steam client wants the serials of games galore along with more general programs such as design packages, movie players, system defraggers, code tweakers, iPod converters…you get the idea,” Boyd wrote.
GFI identifies the threat as Trojan.Win32.Generic.pak!cobra, but unfortunately, at this time, not all antivirus solutions flag the file as being a Trojan, only around half of them do.
Read more: http://news.softpedia.com/news/Fake-Steam-Client-Urges-Users-to-Disable-Antivirus-265643.shtml