Steam accounts emptied by Twitch malware scam
Hackers hijack Steam accounts and empty them
Malware is fast spreading through gaming video streaming website Twitch and emptying gamers' Steam accounts.
According to IT security firm F-Secure, the malware spreads through Twitch's chat facility with a enticement to users to join a weekly raffle. However, when users click on a link, a Java program executes a fake entry form.
Once the form is filled out and submitted, the malware starts up (the entry form doesn't get submitted anywhere). This malware installs and runs a Windows binary file that accesses a Steam account on the computer.
This malware then takes screenshots, adds new friends in Steam, accepts pending friend requests and initiates trading with these new friends.
It will also buy items if a user has money and will also send a trade offer as well as accept pending trade transactions and sell discounted items in the market.
"This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market," said the firm in a blog post.
The firm added that all of this is done on the victim's machine, "since Steam has security checks in place for logging in or trading from a new machine," said the firm.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"It might be helpful for the users if Steam were to add another security check for those trading several items to a newly-added friend and for selling items in the market with a low price based on a certain threshold. This will lessen the damages done by this kind of threat," it added.
In a tweet, the support team at Twitch warned users not to click on the "csgoprize" link in chat sessions.
"This is a phishing attempt to install malware and compromise your Steam account. We will work to block that link, but be aware that variants could appear. In general, you should be wary of any links in chat," the firm said.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.