A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users’ accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA Origin, underscoring a growing threat to the lucrative gaming market.
Cybersecurity firm Kaspersky, which coined the malware “BloodyStealer,” said it first detected the malicious tool in March 2021 as being advertised for sale at an attractive price of 700 RUB (less than $10) for one month or $40 for a lifetime subscription. Attacks using Bloody Stealer have been uncovered so far in Europe, Latin America, and the Asia-Pacific region.
“BloodyStealer is a Trojan-stealer capable of gathering and exfiltrating various types of data, for cookies, passwords, forms, banking cards from browsers, screenshots, log-in memory, and sessions from various applications,” the company said. The information harvested from gaming apps, such as Bethesda, Epic Games, GOG, Origin, Steam, and VimeWorld, is exfiltrated to a remote server, from where it’s likely to be monetized on darknet platforms or Telegram channels that are dedicated to selling access to online gaming accounts.
images from Hacker News