A new Trojan called BloodyStealer targets players’ accounts on EA Origin, Steam, Epic Games, GOG, and other services, according to Kaspersky researchers. The malware can extract session data and passwords, along with information such as bank card details, device data, screenshots, and uTorrent files. “What surprised us was that most of the programs listed are related to games, suggesting that player accounts and their content are in demand in the underground market,” wrote Julia Glazova of Kaspersky in a blog post.
BloodyStealer is relatively cheap at $ 10 per month or around $ 40 for a lifetime license. The main target of the attack appears to be the registries or databases that contain information used to access the accounts. They can then be offered to buyers via Telegram or a malware panel. In one example, Kaspersky showed a screenshot of a seller with 65,600 records broken down by region, available for $ 150. They can also be sold individually – accounts with lots of games, add-ons, and expensive items are particularly valuable.
The Trojan stood out to researchers for its clever construction, using anti-debugging tools that make reverse engineering difficult. The information is sent as a ZIP file to a command and control (C&C) server, protected against DDoS and other types of web attacks.
Kaspersky noted that it is seeing malware all over the world and provided tips to avoid becoming a victim. Recommend buying apps only from official sources (not torrents) to avoid malware. It also recommends protecting your account with a strong password and preferably two-factor authentication. At the bottom of the post, it also provides guides to maximize the security settings for each platform.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.