A piece of malware dubbed BloodyStealer by cybersecurity firm Kaspersky has the ability to hack users’ accounts on Steam, Epic Games Store, EA Origin and other gaming platforms, according to a Kaspersky blog post on Monday (Sept. 27).
Using a malware-as-a-service distribution model, the advanced trojan is being offered for sale for less than $10 per month or $40 for life in Russian-speaking underground forums. Kaspersky first identified the malware in March. It has affected gamers in Europe, Latin America and the Asia-Pacific region.
An underground ad for BloodyStealer indicated that the malware can snatch passwords, bank card info, browser autofill data, cookies, device data, screenshots, uTorrent client files, logs and more.
“BloodyStealer is a Trojan-stealer capable of gathering and exfiltrating various types of data, for cookies, passwords, forms, banking cards from browsers, screenshots, log-in memory and sessions from various applications,” Kaspersky said.
Data gleaned from gaming platforms like Bethesda, Epic Games, GOG, Origin, Steam and VimeWorld gets sent to a remote server, presumably to be monetized on the darknet or specific Telegram channels.
Aside from grabbing user data, BloodyStealer is equipped with tools that make analysis by security and law enforcement personnel difficult. The snatched information is sent as a ZIP file to a protected server. From that point, fraudsters can access the stolen data via Telegram or through the server’s basic control panel.
“BloodyStealer is a prime example of an advanced tool used by cybercriminals to penetrate the gaming market,” Kaspersky researchers said. “With its interesting capabilities, such as extraction of browser passwords, cookies and environment information as well as grabbing information related to online gaming platforms, BloodyStealer provides value in terms of data that can be stolen from gamers and later sold on the darknet.”