Twitch chat bot plagues Steam users with wallet-emptying malware

If you've recently been invited to take part in a raffle for Counter-Strike: Global Offensive items while chatting in Twitch, the good people at F-Secure have a bit of advice: Don't do it.

The messages are being spread by a Twitch bot, according to a recent F-Secure report , which enters channels and invites users to follow a link in order to enter a draw. The link leads to a site that asks for the user's name, email address and permission to publicize his or her name, but once that information is entered, a Windows executable is run that does some pretty nasty stuff: It can take screens, add new Steam friends and accept pending friend requests, initiate trades with new Steam friends, buy items (if there's money present in the user's Steam wallet), send trade offers, accept pending trades and sell items at a discount.

Previous variants of this hack were selling items at a 12 percent discount but it's apparently now running at 35 percent. The software is able to completely empty wallets, armories and inventories. "Being able to sell uninteresting items will allow the attacker to gather enough money to buy items that he deems interesting," the report states. "The interesting items are then traded to an account possibly maintained by the attacker."

F-Prot notes that all of this happens from the victim's own PC in order to get around Steam security checks that kick in when a user logs in from a new machine. It's a good warning to take note of: Steam may be a very secure environment, but nothing is foolproof. Be careful what you click.


As lead news writer during ‘merican hours, Andy covers the day-to-day events that keep PC gaming so interesting, exciting, and occasionally maddening. He’s fond of RPGs, FPSs, dungeons, Myst, and the glorious irony of his parents buying him a TRS-80 instead of an Atari so he wouldn't end up wasting his life on videogames.
We recommend