BloodyStealer malware hijacks Steam, Epic Games Store and EA Origin accounts

Kaspersky Lab experts have discovered that the BloodyStealer Trojan that is being sold on the darknet and that hijacks accounts of popular gaming platforms, including Steam, Epic Games Store and EA Origin.

According to an ad placed on the darknet, the malware steals various data from the infected device:

  1. passwords, cookies, bank card details and autofill forms from browsers;
  2. device data;
  3. screenshots;
  4. files from the desktop and from the uTorrent client;
  5. sessions in Bethesda, Epic Games, GOG, Origin, Steam, Telegram and VimeWorld clients;
  6. logs.

BloodyStealer has a knack for avoiding detection, and it costs less than $ 10 on the darknet for a monthly subscription and $ 40 for an unlimited subscription.

The researchers note that in-game products and accounts are in high demand among cybercriminals. Sign-in credentials for popular gaming platforms (such as Steam, Origin, Ubisoft, or EpicGames) can sell for as low as $ 14 per 1,000 wholesale accounts and up to 30% of the account value for individual accounts.

Announcement of the sale logins
Announcement of the sale of 280,000 logins and passwords

At the same time, stolen accounts usually appear on the darknet not as a result of leaks, but as a result of targeted attacks by cybercriminals, including the use of malware such as BloodyStealer. It is emphasized that the malware is not only designed to steal information related to games, but the platforms that BloodyStealer targets show that the demand for these types of data among criminals is high.

The Trojan in question is capable of collecting various types of data, such as cookies, passwords, screenshots, data from autofill forms and bank cards. BloodyStealer attacks have so far been recorded in Europe, Latin America and the Asia-Pacific region. But this does not mean that it cannot attack users in other countries as well.says Dmitry Galov, a cybersecurity expert at phòng thí nghiệm kaspersky.
Although experts did not share information about BloodyStealer’s attack vectors, modding programs and cheating software for various games are usually used to distribute such malware.

Let me remind you that I talked about the fact that Swarez Trojan and Dropper Distributed under the Disguise of 15 Popular Games.

Helga Smith

Tôi luôn quan tâm đến khoa học máy tính, đặc biệt là bảo mật dữ liệu và chủ đề, được gọi là ngày nay "khoa học dữ liệu", kể từ khi tôi còn ở tuổi thiếu niên. Trước khi vào nhóm Diệt Virus với vai trò Tổng biên tập, Tôi đã làm việc với tư cách là chuyên gia an ninh mạng tại một số công ty, bao gồm một trong những nhà thầu của Amazon. Một trải nghiệm khác: Tôi đã nhận được đang giảng dạy tại các trường đại học Arden và Reading.

Gửi phản hồi

Website này sử dụng Akismet để hạn chế spam. Tìm hiểu bình luận của bạn được duyệt như thế nào.

Nút quay lại đầu trang