
Steam Stealer malware begins to proliferate, says Kaspersky Lab

by Mark Tyson on 16 March 2016, 12:36

Tags: Kaspersky

Late last year we saw the Valve Blog report that around 77,000 Steam accounts are hacked every month. The news came with a new initiative from Valve to push users to adopt two-factor authentication using the Steam Guard Mobile Authenticator (part of the Steam mobile app). The popular PC gaming platform also implemented delays in the trading process to give people a decent chance of noticing they have been hacked, so they can act and get their account back. The delays amount to 3 days for trading items to go through the system, or 1 day for trades with Steam friends you have had for over 1 year. However, according to an email HEXUS has recently received from Kaspersky Lab, there's a new breed of malware increasing in popularity, built to gain control of your Steam account.

Steam has over 100 million users, who between them hold a huge amount of valuable digital goods, making it a big target for fraudsters. It has come to the attention of Kaspersky Lab researcher Santiago Pontiroli and his independent research colleague, Bart P, that so-called 'Steam Stealer' malware has started to proliferate.

The new malware originates from Russia, says Kaspersky, and it is sold under a malware-as-a-service business model for as little as £20. You can buy it "in different versions with distinct features, free upgrades, user manuals, custom advice for distribution and more," say the researchers.

There are still hurdles to jump to get the malware onto target user systems. Kaspersky says that "Steam Stealers are mainly distributed either via fake cloned websites hosting the malware or through a social engineering approach where the victim is targeted with direct messages, encouraging them to open a malicious file". However, once on a target system, the malware "steals the entire set of Steam configuration files," plus the Steam KeyValue file that contains user credentials, as well as the information that maintains a user's session. That theft enables cybercriminals to control the stolen accounts, the researchers assert.
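A defender's view of the file theft described above, as an added example that is not from the article or from Kaspersky: it scans constructed file-read audit records and reports any process outside the Steam install directory that reads KeyValue files from Steam's configuration directory. The install path, the `config` subdirectory, the `.vdf` extension and the record layout are assumptions.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

# Assumption: default install path; set this to the host's real Steam directory.
STEAM_ROOT = r"C:\Program Files (x86)\Steam"

# Constructed file-read audit records: (timestamp, process image, file read).
SAMPLE_EVENTS = [
    ("2016-03-16T10:01:02", r"C:\Program Files (x86)\Steam\steam.exe",
     r"C:\Program Files (x86)\Steam\config\config.vdf"),
    ("2016-03-16T10:04:40", r"C:\Users\alice\Downloads\unknown_tool.exe",
     r"C:\Program Files (x86)\Steam\config\loginusers.vdf"),
    ("2016-03-16T10:04:41", r"C:\Users\alice\Downloads\unknown_tool.exe",
     r"c:\program files (x86)\steam\CONFIG\config.vdf"),
    ("2016-03-16T10:04:42", r"C:\Users\alice\Downloads\unknown_tool.exe",
     r"C:\Program Files (x86)\Steam\steamapps\appmanifest_730.acf"),
    ("2016-03-16T10:05:00", r"C:\Windows\System32\notepad.exe",
     r"C:\Users\alice\notes.txt"),
]


def _parts(path):
    # Windows paths are case-insensitive, so compare lower-cased components.
    return tuple(p.lower() for p in PureWindowsPath(path).parts)


def _is_under(path, root):
    p, r = _parts(path), _parts(root)
    return len(p) > len(r) and p[:len(r)] == r


def foreign_config_reads(events, steam_root=STEAM_ROOT):
    """Map each non-Steam process image to the Steam config files it read."""
    config_dir = PureWindowsPath(steam_root) / "config"  # assumed layout
    hits = defaultdict(set)
    for _ts, image, target in events:
        is_keyvalue = PureWindowsPath(target).suffix.lower() == ".vdf"
        if is_keyvalue and _is_under(target, config_dir) \
                and not _is_under(image, steam_root):
            hits[image.lower()].add(PureWindowsPath(target).name.lower())
    return {image: sorted(files) for image, files in hits.items()}


if __name__ == "__main__":
    for image, files in foreign_config_reads(SAMPLE_EVENTS).items():
        print(f"ALERT {image} read Steam config files: {', '.join(files)}")
```

Treating every binary under the Steam directory as trusted is a simplification; a production rule would also check the image's signer or hash.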

Currently there are nearly 1200 samples of different Steam Stealers recorded across the globe. Leading regions for attacks are Russia, the US, Europe (France and Germany), India and Brazil. Kaspersky says it detects Steam Stealer trojan groups including Trojan.Downloader.Msil.Steamilik; Trojan.Msil.Steamilik; Trojan-psw.Msil.Steam and others.

As usual, the message to take away from this kind of news is: keep your security software up to date, and be wary of unfamiliar websites and potential phishing communications. Of course, Steam has extra security measures which you can click through and implement too.



HEXUS Forums :: 23 Comments

Russian mentality, get one up on anyone no matter the consequences. It really boggles the mind how in CS:GO players in UK have to connect to Luxembourg servers which are also host to Russian players who are predominantly the cheaters. Why don't they have Western Europe exclusive servers and Russian exclusive servers and they can ‘go play with themselves.’
go4brendon
Russian mentality, get one up on anyone no matter the consequences. It really boggles the mind how in CS:GO players in UK have to connect to Luxembourg servers which are also host to Russian players who are predominantly the cheaters. Why don't they have Western Europe exclusive servers and Russian exclusive servers and they can ‘go play with themselves.’

Kaspersky Labs is Russian.

PS, I like your xenophobic generalisation of Russians.

“Their mentality” in their case using your metric OFC is no different than Western Europe has done over the last few 100 years - even going to the extent of enslaving and destroying cultures for spices so they could get one up on each other.
CAT-THE-FIFTH
go4brendon
Russian mentality, get one up on anyone no matter the consequences. It really boggles the mind how in CS:GO players in UK have to connect to Luxembourg servers which are also host to Russian players who are predominantly the cheaters. Why don't they have Western Europe exclusive servers and Russian exclusive servers and they can ‘go play with themselves.’

Kaspersky Labs is Russian.

PS, I like your xenophobic generalisation of Russians.

“Their mentality” in their case using your metric OFC is no different than Western Europe has done over the last few 100 years - even going to the extent of enslaving and destroying cultures for spices so they could get one up on each other.

Let's leave the colonialism and postcolonial discussions aside. This is a tech site. We're talking about Steam and internet piracy, so let's stick to that heading.
Luke7
Let's leave the colonialism and postcolonial discussions aside. This is a tech site. We're talking about Steam and internet piracy, so let's stick to that heading.

Exactly and that's why somewhat xenophobic generalisations need to be countered. None of the powerful and rich countries in the world got there by being nice to anyone.

You could argue “the get one up mentality” is no different than all the posers here in Blighty who want to show off on social media that they are Keeping up with the Joneses, or capitalists screwing over the little guy just so then they can “get one dollar/pound/euro more up” on their mate.

Last time I checked cheating was not the preserve of Russian players, otherwise none of the US only servers in games would have anti-cheating stuff active.
go4brendon
Russian players who are predominantly the cheaters.

Wrong.

A recent post on the CS:GO subreddit showed that the majority of cheaters (caught) as of Feb this year, were from the USA, by 3 / 4% - can't link to the thread as I am in work. Just because someone is better than you, or you have a bad game, does not mean they are cheating.