Skip to main content

This $40 Trojan virus is a reminder to two-factor all your gaming accounts

Hacker
(Image credit: Caroline Purser/Getty)

Online security firm Kaspersky, makers of one of the best antivirus software options out there,has in recent years been emphasising that gaming accounts are an extremely attractive target for the bad 'uns. Last month for example it reported blocking 5.8 million malware attacks "disguised as popular PC games" in 2020, adding that such attacks had "soared with the introduction of lockdowns".

Now Kaspersky is warning of a new Trojan it discovered earlier this year, which goes by the charming name of Bloodystealer. It targets accounts on EA Origin, Steam, Epic Games, GOG, and other gaming services, and aims to scrape session data and passwords, along with information like bank card details, device data, screenshots, and other files.

"What struck us was that most of the listed programs are game-related, which suggests that gamer accounts and their contents are in demand on the underground market," writes Kaspersky's Julia Glazova.

BloodyStealer is the kind of thing that script-kiddies are drawn towards, a cheap high-volume piece of malware that, according to Kaspersky, is sold for $10 / month or $40 for a 'lifetime' license (I love the idea of malware having a license). The primary target is apparently databases with login information, and the scraped information is being both sold in bulk (as an example, there's a screenshot of a seller below offering 65,600 logs, broken down by region, for $150) or accounts can be sold individually if they're of unusual value (lots of games, expensive in-game items and so on).

A hacker trying to sell gaming account info.

(Image credit: Kaspersky Labs)

The Kaspersky boffins are worryingly impressed by the relative sophistication of Bloodystealer, particularly considering its low cost. A full breakdown of how it exploits its unfortunate victims can be found here.

"In the gaming industry user data is still highly sought after, but at much cheaper prices than in the past with attackers successfully using the malware-as-a-service model to generate revenue and drive down costs as the supply increases," says
Sam Curry, chief security officer at Cybereason, an online security firm. Then he starts sounding a bit like a Metal Gear Solid boss. "Overall, the number of identity compromises by this point is more than 10 times larger than the world's population, and yet life continues. The unthinkable has become the mundane and the routine."

The advice from the people who know what they're talking about is always the same. Use strong passwords, enable two-factor authentication on accounts that have that option, and look at website URLs carefully. Never click on links or attachments from unknown sources, and if the worst happens immediately report it to law enforcement. Here's Kaspersky's guide to protecting your Steam account.

Most of all, don't think it won't happen to you or that your account isn't 'worth' stealing: malware is omnipresent and never stops evolving. When something so cheap is capable of propagating itself globally like this, failing to protect your account details just guarantees they'll end up on some list in the dark corners of the web.

Rich Stanton

Rich is a games journalist with 15 years' experience, beginning his career on Edge magazine before working for a wide range of outlets, including Ars Technica, Eurogamer, GamesRadar+, Gamespot, the Guardian, IGN, the New Statesman, Polygon, and Vice. He was the editor of Kotaku UK, the UK arm of Kotaku, for three years before joining PC Gamer. He is the author of a Brief History of Video Games, a full history of the medium, which the Midwest Book Review described as "[a] must-read for serious minded game historians and curious video game connoisseurs alike."