LASER_oneXM

Level 37
Verified
Top poster
Well-known
Feb 4, 2016
2,575
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin.

Kaspersky security researchers who spotted the new trojan dubbed it BloodyStealer and found that it's capable of collecting and stealing a wide range of sensitive information, including cookies, passwords, bank cards, as well as sessions from various applications.

This malware explicitly targets gaming platforms, like Steam, Epic Games, EA Origin, GOG Galaxy, and more, as it can harvest accounts for its operators, which later sell them in underground markets.
"While BloodyStealer is not made exclusively for stealing game-related information, the platforms it can target clearly point to the demand for this type of data among cybercriminals," Kaspersky said.

"Logs, accounts and in-game goods are some of the game-related products sold on the darknet in bulk or individually for an attractive price."
The information stealer is sold through private channels to VIP members of underground forums under a subscription model for roughly $10 per month or $40 for a lifetime "license."
 

Gandalf_The_Grey

Level 55
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,449
From the linked Kaspersky Blog / Securelist:
To minimize the risks of losing your gaming account, follow these simple tips:
  • Wherever possible, protect your accounts with two-factor authentication. For others, comb through account settings.
  • A strong, reliable security solution will be a great help to you, especially if it will not slow down your computer while you are playing. At the same time, it will protect you from all possible cyberthreats. We recommend Kaspersky Total Security. It works smoothly with Steam and other gaming services.
  • It is safer to buy games on official sites only and wait for the sales – these take place fairly often and are typically tied to big holidays such as Halloween, Christmas, Saint Valentine’s Day, so you will not be sitting on your hands for long.
  • Try to avoid buying the first thing that pops up. Even during Steam’s summer sale, before forking out the dough for a little-known title, at least read some reviews of it. If something is fishy, people will probably have figured it out.
  • Beware of phishing campaigns and unfamiliar gamers contacting you. It is a good idea to double-check before clicking website links you receive via email and the extensions of files you are about to open.
  • Try not to click on any links to external sites from the game chat, and carefully check the address of any resource that requests you to enter your username and password: the page may be fake.
 

Gandalf_The_Grey

Level 55
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
4,449
Additionally to above post from @Gandalf_The_Grey :

Thanks @Berny (y)
That article links to Kaspersky's guides for Steam, Battle.net, Origin, Twitch, and Discord users:
  • Protect your accounts with strong passwords, enable two-factor authentication, and generally max out the platform’s security settings (see our guides for Steam, Battle.net, Origin, Twitch, and Discord users).
A good task for the upcoming weekend.
 
Top