Advanced malware is stealing gaming account data — Steam, Epic Games and more at risk

MacBook Pro
(Image credit: Andrew Brookes/Getty Images)

Cybersecurity analysts discovered an advanced malware being advertised on a Russian-speaking underground forum, and not only can it harvest valuable information via a user's gaming account, but anyone can purchase the malicious stealer for under $10.

Known as BloodyStealer, the trojan malware allows cybercriminals to grab information from the most popular online gaming platforms found on PC, including from Epic Games Store, GOG, Origin, and Steam. The threat actor can loot private information found on a user's account, and put a price tag on it on the black market. 

As discovered by cybersecurity analysts Kaspersky and spotted by @3xp0rtblog on Twitter, the malware was first found back in March after its author put up an advertisement on an underground forum. The ad stated that BloodyStealer costs 700 RUB (around $9.65) for one month or 3,000 RUB (around $41.31) for a lifetime.

The advertisement claimed the malicious trojan came with a number of features, including being able to grab cookies, passwords, forms, bank cards from browsers; steal all information about a PC; steal files from a desktop and a uTorrent client; and is able to steal sessions from big gaming clients.

Additionally, the report points out that BloodyStealer was also able to protect the user against reverse engineering and malware analysis. As shown in the report, however, cybersecurity analysts were able to provide full details on the anti-analysis methods used. It is likely that the malware infects a device through dodgy download clients or phishing emails.

So far, BloodyStealer has been found to be in use in Europe, Latin America, and the Asia-Pacific region. A great way to defend yourself against any cybersecurity threat is by protecting your account with two-factor authentication. Plus, be aware of any malicious links to external sites from a game chat of any kind.

Kaspersky continues to talk about the wholesale deals dark web sellers offer potential customers, including packages containing 1,000 private logs from various gaming accounts for $300. Speaking of, you can check how much is your Steam account worth

Darragh Murphy

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.