Hackers Planted a Steam Game With Malware To Steal Gamers' Passwords

Valve removed the game PirateFi from Steam after discovering it was laced with the Vidar infostealer malware, designed to steal sensitive user data such as passwords, cookies, cryptocurrency wallets, and more. TechCrunch reports: Marius Genheimer, a researcher who analyzed the malware and works at SECUINFRA Falcon Team, told TechCrunch that judging by the command and control servers associated with the malware and its configuration, 'we suspect that PirateFi was just one of multiple tactics used to distribute Vidar payloads en masse.' 'It is highly likely that it never was a legitimate, running game that was altered after first publication,' said Genheimer. In other words, PirateFi was designed to spread malware.

Genheimer and colleagues also found that PirateFi was built by modifying an existing game template called Easy Survival RPG, which bills itself as a game-making app that 'gives you everything you need to develop your own singleplayer or multiplayer' game. The game maker costs between $399 and $1,099 to license. This explains how the hackers were able to ship a functioning video game with their malware with little effort.

According to Genheimer, the Vidar infostealing malware is capable of stealing and exfiltrating several types of data from the computers it infects, including: passwords from the web browser autofill feature, session cookies that can be used to log in as someone without needing their password, web browser history, cryptocurrency wallet details, screenshots, and two-factor codes from certain token generators, as well as other files on the person's computer.

Read more of this story at Slashdot.