Just as Microsoft and Google offer subscription-based productivity software and cloud file storage, cybercriminals offer pay-as-you-go malware. One such service that was discovered recently is taking aim at PC gamers.
Unsubtly dubbed BloodyStealer, the malware is being offered via Russian-speaking underground hacking forums. The going rate is around $10 per month, but for the bargain price of just $40 crooks can secure a lifetime license for the service.
BloodyStealer can harvest account and session information from all major PC gaming platforms, including Steam, Origin, Epic Games and Bethesda.
Why target gamers? Because both their accounts and stashes of in-game loot can be sold for tidy profits. Researchers at Securelist found one seller who had amassed a collection of 280,000 usernames and passwords for various gaming platforms. The asking price: $4,000.
BloodyStealer also collects data logs: files that contain session information, browser cookies and screenshots that can be used to access a victim’s account. Individually these logs sell for around 34 cents each. Buying in bulk lots brings major savings: 100 log files run buyers just over $17.
Rare in-game items are generally sold at discounts of 30 to 40%. These items tend not to go on sale very often (if ever) and less-scrupulous players are more than willing to go bargain hunting on shady marketplaces.
This is not a threat that’s limited to just those who play games on their PCs. BloodyStealer’s capabilities go much, much further.
Its other capabilities include exfiltrating files from victims’ desktops and from the ultra-popular BitTorrent app uTorrent. BloodyStealer can also capture usernames, passwords and bank account information from web browsers.
Kaspersky notes that BloodyStealer is a fairly sophisticated piece of malware, saying it “stands out to researchers because of several anti-analysis methods used to complicate its reverse engineering and analysis, including the use of packers and anti-debugging techniques.”
That could make it tricky for anti-malware software to defend against, but protecting yourself is reasonably simple. BloodyStealer is often spread via gaming chat apps, so be wary of any links sent from unfamiliar accounts.
Sites offering cheats or cracks for popular games should be avoided, too, as their downloads are often bundled with nasty malware like BloodyStealer.