By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Malware Reigned Supreme In 2012
    12 months ago
    BEWARE THE THINGBOT!
    12 months ago
    Is your PC a part of botnet? Check it!
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    2 days ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    3 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    3 days ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    4 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    For 0-day vulnerabilities in Windows, temporary patches
    12 months ago
    Windows 11 22H2 (build 22621.317) outs in the Release Preview Channel
    12 months ago
    How to avoid problems installing Windows 11 22H2
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Detecting zero-days before zero-day
    Detecting zero-days before zero-day
    23 hours ago
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    23 hours ago
    Network performance update: Birthday Week 2023
    Network performance update: Birthday Week 2023
    23 hours ago
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    2 days ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    2 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to use Yandex.Alice and Google Assistant on Android at the same time?
    12 months ago
    3 online services for online video processing
    12 months ago
    How to search for information like a pro. Part 1
    12 months ago
    Latest News
    How to enable extensions for Google Bard AI
    2 days ago
    Window 11 Copilot: 10 Best tips and tricks
    2 days ago
    How to create AI images with Cocreator on Paint for Windows 11
    3 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    4 days ago
  • Glossary
  • My Bookmarks
Reading: Steam on the firing line: how cybercriminals steal gamers’ Steam accounts
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

Steam on the firing line: how cybercriminals steal gamers’ Steam accounts

Vitus White
Last updated: 13 October
Vitus White 4 years ago
Share
10 Min Read

Hackers are attracted by any web-resource where large amounts of money changes hands, like moths to light. This is what happened with Steam and, according to Valve’s own calculations, 77,000 user accounts get hijacked and pillaged monthly.

Contents
Malware-as-a-service to steal the gameOld new ways to stealWhat Valve does to protect its users?I want to protect my Steam Account. What should I do?

Steam stealers: your account is their target

As Valve reveals, these victims are not only new or naive users. Professional  players, Reddit contributors and item traders have all fallen victim. Steam recognizes that hackers are doing real business by stealing accounts and virtual gaming property. Modern developments let cybercriminals wait for months before one particular malware sample or infection incident brings profit — there are so many of them, that the destiny of one piece is not critical. As a result, almost every Steam account is now a target.

Kaspersky Lab has decided to conduct an investigation to understand how bad things are on the gaming market. It turns out, our GReAT experts have highly underestimated the fraud scale. And among all the other bad things, Steam Stealers malware has attracted our attention. Hopefully, this report will evolve into an ongoing investigation, bringing much-needed balance to the gaming ecosystem.

Enjoy your Steam: how criminals make money on gamers https://t.co/n2i9Nt3tgV pic.twitter.com/Ytaz37fxf0

— Eugene Kaspersky (@e_kaspersky) February 16, 2016

Malware-as-a-service to steal the game

Basically the Steam Community works just like any other social network where users often interact with strangers, exchange messages or conduct trading of in-game assets. Steam is about games, and the games that you have purchased are tied to your profile making it even more valuable. That’s why phishing and spear-phishing attacks are in high demand among Steam-based cybercriminals, but those types of attack are just part of the story.

A breed of malware called Steam Stealers has proved to be extremely profitable for hackers by pilfering Steam users all around the globe. Unfortunately, there is not a lone culprit or cybergang behind the attacks, but rather a legion of groups. We’ve already observed a similar case, where criminals were making money selling malware-as-a-service. This is where a criminal sells different versions of malware to their less experienced colleagues; providing them with distinct features, free upgrades, user manuals, custom advice for malware distribution, and more.

Hi, @Steam_Support @steam_games
My items were stolen and the person is trying to rob me again right now. Need help. pic.twitter.com/ZoLQgLtRzv

— Gui Dobri (@Guidobri) March 7, 2016

This kind of malicious software is very easy to use: roughly speaking. Even beginners can use it to enter the world of cybercrime, while an average developer could meet the challenges even better.
The second reason that Steam Stealers are so popular is that they are cheap. While malware-as-a-service typically costs about $500 per sample, Steam Stealers are sold for as low as $3. Add $4 — and you’ll get a complete user manual and the source code, so you can modify the malware yourself. Ok, that was a cheap one, but it’s very hard to find stealers that cost more than 30.

Another “bonus” offered at additional charge is a fake website creation. Cloning of a popular program or web-resource used by gamers is a very solid and profitable add-on to a malicious campaign that aims to steal users’ credentials. For example, criminals can generate a fake copy of voice chats like TeamSpeak or RazerComms, or popular image-sharing sites such as Lightshot or Imgur.

Take care and do not visit dangerous fake sites. Only “https://t.co/y7VDxMs9Fw” ist the original. https://t.co/f37DMBolN9

— TeamSpeak (@teamspeak) November 23, 2015

Old new ways to steal

Fake “Steam Login” software, which sends stolen credentials to culprits is currently one of the most popular malware types as well. In some versions it sends the much-needed Steam Guard configuration files as well. It’s coded in Microsoft’s flagship language, C# so many people know how to write add-ons for it.

Criminals have learned the lesson of the tower of Babel. The entire source code of this malware is documented and available in the criminal’s language of choice, increasing the likelihood of a successful attack. Distributing the malware and targeting different regions or specific countries can sometimes be done simply by targeting a particular game known to be popular in the region.

How G2A and other stolen Steam key marketplaces are enabling credit card fraud and hurting game developers: … https://t.co/Oj5ju81sIO

— Starcraft Reddit (@RedditStarcraft) March 7, 2016

For example, having an active Steam Stealing “industry” in Russia and other parts of Russian-speaking Eastern Europe means that local residents are bound to find a stealer with a regionalized version in the Russian language. Steam platform is extremely popular in Russia, with Counter-Strike: Global Offensive as one of the most played games.

Gamers beware: modders are creating fake GTA5 mods – http://t.co/GAW51O4XGq pic.twitter.com/HsrHPEj84x

— Kaspersky Lab (@kaspersky) May 19, 2015

During the investigation we also noticed that the old-known fraud methods were evolving: fake screenshots got better, duplicate sites improved, delivery methods became more diverse and bots got better in mimicking human behavior. Now it’s clear: the number of threats specially tailored for stealing Steam property will only grow, as 2016 has only just begun. If you wish you can read more about our research at Securelist.com.

What Valve does to protect its users?

On the 2015 holiday season, Valve’s digital distribution platform reached an impressive milestone of 12 million concurrent users. As you can see there are a lot of potential victims to attract even more greedy hackers to the Steam.

Valve is rather concerned about the criminal business, that’s blooming on its leading gaming platform. It is adding a lot of new security measures. The bad guys also continue to look for potential vulnerabilities and new loopholes. It’s a continuous battle where the winner needs to always be one step ahead.

Valve Patches Password Reset Vulnerability in #Steam: https://t.co/O64li0r03x via @threatpost #gaming pic.twitter.com/yM5LGOSab8

— Kaspersky Lab (@kaspersky) July 27, 2015

The problem is that Steam is designed for entertainment. This service will always have to balance between safety considerations and ease of use. Many gamers are not ready to sacrifice their comfort for the sake of security. So if the service doesn’t win this battle for you, you’ve got to take it in to your own hands.

I want to protect my Steam Account. What should I do?

  • Keep up with Steam’s updates and new security features.
  • Read about the most widespread methods of Steam fraud.
  • Enable two-factor authentication via Steam Guard.
  • Beware of phishing campaigns, which would likely send direct messages and use fake websites to fool you. And, yes, get familiar with what phishing is and how to protect yourself, if you haven’t done that already.
  • Always keep your security solution up to date and never disable it. Kaspersky Internet Security has a special Gaming Mode — once the game is in full screen mode, the security solution won’t perform any tasks that impact performance and won’t interrupt you at all.

#Security tips for #gamers: https://t.co/tBfI5TrvU5 via @kaspersky #phishing pic.twitter.com/wg79zP3jl1

— Kaspersky Lab (@kaspersky) January 8, 2015

As you might know, criminals aim for numbers and if breaking you means too much trouble they would likely move on to the next target.

You should also have a look at Steam’s own security library and follow its recommendations. We highly recommend that you pay attention to these articles:

  • Account security recommendations
  • Account phishing
  • Items traded from stolen account
  • Recovering a stolen or hijacked steam account
  • Steam item restoration policy
  • Steam trading and gifting Knowledge Base

Security and Trading: Updatehttps://t.co/Huw6zcjbPH

— Steam Support (@Steam_Support) March 2, 2016


Source: kaspersky.com

Translate this article

TAGGED: Authentication, Malware, Microsoft, Phishing, PoC, Security, Software, Source code, Threat, Threats, Vulnerabilities
Vitus White October 13, 2022 September 30, 2019
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Detecting zero-days before zero-day
Detecting zero-days before zero-day
Apps 23 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps 23 hours ago
Network performance update: Birthday Week 2023
Network performance update: Birthday Week 2023
Apps 23 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 2 days ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 2 days ago

You Might Also Like

Detecting zero-days before zero-day
Apps

Detecting zero-days before zero-day

23 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps

See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan

23 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps

Cloudflare now uses post-quantum cryptography to talk to your origin server

2 days ago
Privacy-preserving measurement and machine learning
Apps

Privacy-preserving measurement and machine learning

2 days ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme

10 New Stories

Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
Previous Next
Hot News
Detecting zero-days before zero-day
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Network performance update: Birthday Week 2023
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?