New malware steals Steam, Epic Games Store, and EA Origin accounts

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin.

Kaspersky security researchers who spotted the new trojan dubbed it BloodyStealer and found that it's capable of collecting and stealing a wide range of sensitive information, including cookies, passwords, bank cards, as well as sessions from various applications.

This malware explicitly targets gaming platforms, like Steam, Epic Games, EA Origin, GOG Galaxy, and more, as it can harvest accounts for its operators, which later sell them in underground markets.
"While BloodyStealer is not made exclusively for stealing game-related information, the platforms it can target clearly point to the demand for this type of data among cybercriminals," Kaspersky said.

"Logs, accounts and in-game goods are some of the game-related products sold on the darknet in bulk or individually for an attractive price."
The information stealer is sold through private channels to VIP members of underground forums under a subscription model for roughly $10 per month or $40 for a lifetime "license."
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
From the linked Kaspersky Blog / Securelist:
To minimize the risks of losing your gaming account, follow these simple tips:
  • Wherever possible, protect your accounts with two-factor authentication. For others, comb through account settings.
  • A strong, reliable security solution will be a great help to you, especially if it will not slow down your computer while you are playing. At the same time, it will protect you from all possible cyberthreats. We recommend Kaspersky Total Security. It works smoothly with Steam and other gaming services.
  • It is safer to buy games on official sites only and wait for the sales – these take place fairly often and are typically tied to big holidays such as Halloween, Christmas, Saint Valentine’s Day, so you will not be sitting on your hands for long.
  • Try to avoid buying the first thing that pops up. Even during Steam’s summer sale, before forking out the dough for a little-known title, at least read some reviews of it. If something is fishy, people will probably have figured it out.
  • Beware of phishing campaigns and unfamiliar gamers contacting you. It is a good idea to double-check before clicking website links you receive via email and the extensions of files you are about to open.
  • Try not to click on any links to external sites from the game chat, and carefully check the address of any resource that requests you to enter your username and password: the page may be fake.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Additionally to above post from @Gandalf_The_Grey :

Thanks @Berny (y)
That article links to Kaspersky's guides for Steam, Battle.net, Origin, Twitch, and Discord users:
  • Protect your accounts with strong passwords, enable two-factor authentication, and generally max out the platform’s security settings (see our guides for Steam, Battle.net, Origin, Twitch, and Discord users).
A good task for the upcoming weekend.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top