Thousands of gamers targeted in a new cyberattack – Epic Games, Steam, Origin, Telegram and other login sessions at risk

Advertisement
Thousands of gamers targeted in a new cyberattack – Epic Games, Steam, Origin, Telegram and other login sessions at risk
Representational image.Unsplash
  • Kaspersky researchers have warned about a new malware that is targeting gamers.
  • The BloodyStealer malware targets session data, passwords, bank card details, browser autofill data and more.
  • The malware also targeted account details of users on Epic Games, Steam, GOG, Origin and Bethesda.
Cyberattacks have been increasing over the years due to an increase in online users. Now, a new report by researchers from popular cybersecurity firm Kaspersky has revealed that cybercriminals have started targeting gamers and their accounts with a new malware dubbed as BloodyStealer.

The BloodyStealer malware is capable of fetching session data and passwords and cookie exfiltration. The stealer is capable of targeting bank card details, browser autofill data, screenshots from the computer, desktop and uTorrent client files and more.

As per the report, the malware also targeted the session details of clients such as Epic Games, Steam, Origin, GOG, Bethesda, Telegram and VimeWorld. Some of the popular titles available on these stores include GTA V, Fortnite, Battlefield, FIFA 2022 among others.

Advertisement
As per the researcher, the malware was first spotted in March 2021 after an advertisement for a malware named as BloodyStealer was noticed on a Russian underground forum. The author asked potential customers to contact him using Telegram.

“What caught our attention is BloodyStealer’s capability to fetch information related to computer games installed on an infected system. BloodyStealer targets major online gaming platforms, such as Steam, Epic Games Store, EA Origin, etc.” said Dmitry Galov, researcher, Kaspersky.

The BloodyStealer malware was priced at 700 RUB (approx. $10) for one month and a lifetime purchase was priced at 3000 RUB (approx. $40).

Advertisement

The data scraped by the malware is sent to a command and control (C&C) server which can then be accessed using Telegram or a dark web panel.

“Both C&C servers are placed behind Cloudflare, which hides their original IPs and provides a layer of protection against DDoS and web attacks,” added Galov.

The researcher added a few tips for users to protect their gaming accounts from such malware.

Advertisement
  • Enable two-factor authentication for all your accounts.
  • Purchase games from official sites only and avoid unknown third-party websites.
  • Avoid clicking links received in emails from unknown senders as it could be a phishing attempt.
  • Do not click on links directing you to external sites from game chat. This also includes messages from unknown gamers.
  • Be careful while entering your username and password on third-party websites.
SEE ALSO:

This new Android banking malware can screen record everything on your phone

A COVID-19 SMS malware is targeting users in India as they look for alternatives to CoWIN for vaccine registration

Malware infiltrates the defenses of common antivirus softwares like McAfee, Kaspersky, Symantec and others

{{}}