Gamers have recently reported a new malware, called ‘Eskimo,’ targeting user’s virtual Steam wallets filled with valuable gaming assets. The malware was seen advertised on Twitch.tv – a live streaming platform for video gaming with more than 50 million viewers.
Using Twitch’s chat feature, the malicious malware is disguised as a weekly raffle to win gamer’s goods, such as Counter-Strike: Global Offensive items.
After clicking on the offered link, a Java program prompt users to fill out a raffle entry form, harvesting the participant’s name and email address, as well as the permission to publish the winner’s name.
The malware will then install and run a Windows binary file that gains access to your Steam account and execute these commands:
- Take screenshots
- Add new friends in Steam
- Accept friend requests in Steam
- Initiate trading with new friends in Steam
- Buy items with the user’s Steam wallet if it has money
- Send trade offers and accept transactions
- Sell items at a discount in the market
Through these actions the attacker is capable of stealing the assets in a user’s Steam wallet, armory and inventory, as well selling the assets for a discount in the Steam Community Market. Ultimately, attackers sell any unwanted assets in order to purchase items of higher gaming value, and often later trade the items away.
However, the online network does have security checks in place for new machines, suggesting Steam might help its users by adding another security check for those trading several items to a newly added friend or items offered for sale below a certain price threshold.
The gaming attack is not much different than the steps taken by many phishing scams aimed at stealing other online assets, such as corporate IP, credit card information and personal financial data.
Online gaming networks are also seen as valuable targets for cybercriminals, raking in revenues in the millions and countless accounts as potential targets.
An update from Twitch to PCWorld came in saying “they have since blocked the link to the malware in question and have reminded its users to avoid clicking on links from people they don’t know, just like they wouldn’t do on any other social media sites.”
The company added it has received only two reports from users regarding this malware but reminds users they are able to block links from appearing in the chat feature, thereby preventing others from posting malicious links or spam altogether.
“Regardless, be careful what you click on and don’t enter raffles and giveaways from people or companies you don’t know and trust.”
Read More Here…