TECH NEWS – A new Trojan called BloodyStealer is targeting users of popular gaming platforms.
Researchers at Kaspersky have discovered an advanced Trojan program called BloodyStealer and found that the malware, sold on darknet forums, steals players’ accounts on popular gaming platforms such as Steam, Epic Games Store and EA Origin. With its low subscription fee and interesting capabilities to block analysis and detection, BloodyStealer is a prime example of the threats facing online gamers. This, along with an overview of stolen game-related products sold on the darknet, is the subject of Kaspersky’s latest report on threats to game-related data.
As Kaspersky’s latest research shows, in-game goods and in-game accounts are in demand on the darknet. Logins and passwords for games on popular platforms such as Steam, Origin, Ubisoft and EpicGames can be purchased in bulk for as little as $14.2 per 1,000 accounts, or for 1-30% of the account value if offered individually. These stolen accounts are not the result of accidental data leaks but of deliberate cybercriminal campaigns using various malware like BloodyStealer.
BloodyStealer is a Trojan data stealer program that can collect and extract various cookies, passwords, form and credit card data from browsers, screenshots, log memory and sessions of multiple applications. Gaming platforms are no exception, in particular EpicGames, Origin and Steam.
Kaspersky researchers first encountered the malware in March, when it was touted as evading detection and protecting against decryption and malware analysis in general. It is offered at attractive prices on underground forums: under $10 for a one-month subscription or $40 for a lifetime subscription.
The malware also stands out from the rest because it uses various anti-analysis methods, such as packers and anti-debugging techniques, to hinder decryption and analysis. The data stealer is sold in underground markets, and customers can protect their copy with a wrapper of their choice or use it as part of another multi-stage infection chain. Kaspersky experts have detected attacks using BloodyStealer in Europe, Latin America and the Asia-Pacific region.
Although BloodyStealer is not exclusively used to steal game data, its targets indicate the demand for this type of data among cybercriminals. Logs, accounts, in-game goods – all these game-related products are offered on the darknet at attractive prices, either in bulk or individually.
Advertisement about BloodyStealer’s capabilities
“Despite the myriad of options available to cybercriminals to buy or borrow data-stealing software to use in their attack chain, BloodyStealer has attracted a lot of attention from users on an underground forum. This data stealer has some interesting capabilities, such as extracting browser passwords, cookies and environmental information. The developers have also added capabilities to the malware’s arsenal, such as harvesting data related to online gaming platforms. This data can then be sold to underground platforms specialising in selling access to online gaming accounts or Telegram channels,” explained Árpád Tóth, Director of Kaspersky Hungary. “It’s obvious that cybercriminals are hunting for game accounts, so if you want to play in peace and don’t want to worry about losing your in-game money or account, make sure you protect your account with two-factor authentication and use a reliable security solution to protect your devices.”
Kaspersky has been committed to protecting gamers and making the industry safer for many years. The company launched its ‘Fearless Gaming’ strategy earlier this year to build a stronger relationship with gamers and raise awareness of the importance of safe online habits and the role of cybersecurity in e-sports.
Find out more about BloodyStealer and darknet software for games on the Securelist website.
Kaspersky experts say this is how to stay safe while gaming:
- Protect your accounts with two-factor authentication where possible, or review your account settings carefully.
- Don’t click on links to external sites in in-game chat, and carefully check the address of any site that asks for your username and password, as it may be fake.
- Avoid downloading pirated software and other illegal content, even if you have been redirected from a legitimate website.
- Use a strong, reliable security solution, especially one that doesn’t slow down your computer while you’re playing and that also protects you from any possible cyber threats. For example, you can use Kaspersky Total Security, which works seamlessly with Steam and other gaming services.
- An effective security solution, such as Kaspersky Internet Security for Android, can also protect you from malware and its consequences on your mobile device.
Source: Kaspersky