Steam, Epic and GOG accounts targeted by the Ruthless BloodyStealer Trojan
Do you still think video games are children’s business? A surprising number of people still think of video games as small, but the reality is that last year, according to IDC data, video games generated more revenue ($ 179 billion) than movies. and professional sports combined ($ 175 billion). That’s a lot of money changing hands, and a lot of that money is spent adding digital licenses to accounts with services like Steam, Xbox, PlayStation, etc.
Knowing this, it becomes evident that these accounts are like candy candy to online predators. We’re not talking about the “why don’t you have a seat” type of online predators? Rather, we’re talking about people deploying phishing and malware tools to capture the accounts of innocent gamers who fall prey to their traps. Such accounts can be worth hundreds or thousands of dollars, so even though they usually sell for a fraction of their value, they can still be very lucrative.
The Kaspersky security agency issued a warning bulletin on one of the latest threats directly targeting gamers: a Trojan horse called BloodyStealer. Available for 700 RUB per month (around $ 10) using a distribution model that Kaspersky calls “malware-as-a-service”, BloodyStealer is a Trojan horse, which means it comes in disguise or packaged with a legitimate program, especially pirated game software. In addition to the usual payment data that malware targets (like passwords, cookies, and banking information stored in browser autofill data), BloodyStealer specifically targets player accounts on Steam, Epic Games, GOG. , EA Origin, Bethesda.net, VimeWorld, and even other services like Telegram.
Kaspersky notes that BloodyStealer has already been around the world despite being relatively new software. It stands out not only for its rapid spread, but also for its advanced capabilities. The security company claims that the Trojan has a whole suite of tools designed to thwart security analysis and that the stolen information is sent to a private command and control server that is protected against DDoS attacks. From there, it can be accessed using a bespoke control panel or via Telegram.
Naturally, the company recommends its own software, Kaspersky Security Cloud, to protect players from Bloodystealer. However, Kaspersky also offers some general tips to avoid falling victim to this malware and other similar malware: use strong passwords, use two-factor authentication, follow official sources for software downloads, beware get links from strangers and make sure any site you slap your credentials on is the real deal. All pretty standard advice, but it’s almost depressing how many times people slip up on these simple ideas.