Steam accounts emptied by Twitch malware scam
Hackers hijack Steam accounts and empty them


Malware is spreading fast through the gaming video streaming website Twitch and emptying gamers' Steam accounts.
According to IT security firm F-Secure, the malware spreads through Twitch's chat facility with an enticement to users to join a weekly raffle. However, when users click on a link, a Java program executes a fake entry form.
Once the form is filled out and submitted, the malware starts up (the entry form doesn't get submitted anywhere). This malware installs and runs a Windows binary file that accesses a Steam account on the computer.
This malware then takes screenshots, adds new friends in Steam, accepts pending friend requests and initiates trading with these new friends.
If a user has money, it will also buy items. It also sends trade offers, accepts pending trade transactions and sells items at a discount in the market.
"This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market," said the firm in a blog post.
The firm added that all of this is done on the victim's machine, "since Steam has security checks in place for logging in or trading from a new machine."
"It might be helpful for the users if Steam were to add another security check for those trading several items to a newly-added friend and for selling items in the market with a low price based on a certain threshold. This will lessen the damages done by this kind of threat," it added.
In a tweet, the support team at Twitch warned users not to click on the "csgoprize" link in chat sessions.
"This is a phishing attempt to install malware and compromise your Steam account. We will work to block that link, but be aware that variants could appear. In general, you should be wary of any links in chat," the firm said.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
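F-Secure's suggestion in the article, an extra check when several items go to a newly added friend or when items are listed well below market price, can be sketched as a rule over account events. This is an added example, not code from F-Secure, Valve or Twitch; the event fields, the 24-hour window, the three-item limit and the 50% price ratio are all assumptions, and the sample events are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy values for illustration; not from F-Secure or Valve.
NEW_FRIEND_WINDOW = timedelta(hours=24)   # how long a friend counts as "new"
MAX_ITEMS_TO_NEW_FRIEND = 3               # cumulative items before a check
MIN_PRICE_RATIO = 0.5                     # listing price / median market price

@dataclass
class Event:                              # hypothetical account-event record
    time: datetime
    kind: str                             # friend_added | trade_sent | market_listing
    friend: str = ""
    items: int = 0
    price: float = 0.0
    median_price: float = 0.0

def flag_events(events):
    """Return (event, reason) pairs that should trigger an extra check."""
    friend_since, sent, flagged = {}, {}, []
    for ev in sorted(events, key=lambda e: e.time):
        if ev.kind == "friend_added":
            friend_since[ev.friend] = ev.time
        elif ev.kind == "trade_sent":
            added = friend_since.get(ev.friend)   # None: friend predates the log
            if added is not None and ev.time - added <= NEW_FRIEND_WINDOW:
                # Count cumulatively so splitting into small trades does not evade the limit.
                sent[ev.friend] = sent.get(ev.friend, 0) + ev.items
                if sent[ev.friend] > MAX_ITEMS_TO_NEW_FRIEND:
                    flagged.append((ev, "bulk trade to newly added friend"))
        elif ev.kind == "market_listing":
            if ev.median_price > 0 and ev.price < MIN_PRICE_RATIO * ev.median_price:
                flagged.append((ev, "listing far below market price"))
    return flagged

# Constructed sample events (not real Steam data).
T0 = datetime(2024, 1, 1, 20, 0)
SAMPLE = [
    Event(T0, "friend_added", friend="new_friend"),
    Event(T0 + timedelta(minutes=2), "trade_sent", friend="new_friend", items=2),
    Event(T0 + timedelta(minutes=3), "trade_sent", friend="new_friend", items=2),
    Event(T0 + timedelta(minutes=4), "trade_sent", friend="old_friend", items=10),
    Event(T0 + timedelta(minutes=5), "market_listing", price=1.0, median_price=4.0),
    Event(T0 + timedelta(minutes=6), "market_listing", price=3.5, median_price=4.0),
]

if __name__ == "__main__":
    for ev, reason in flag_events(SAMPLE):
        print(ev.time.isoformat(), ev.kind, reason)
```

Because the malware acts from the victim's own machine, a rule like this keys on account behaviour rather than on the device or login location.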