BloodyStealer trojan targets Steam, GOG and Epic accounts

White_Raven_X

Hack everything, hack the world!
OP
Member
Joined
Sep 23, 2019
Messages
464
Trophies
0
Age
42
XP
812
Country
United States
A new trojan called BloodyStealer is targeting gamer's accounts on EA Origin, Steam, Epic Games, GOG and other services, according to Kaspersky researchers. The malware can scrape session data and passwords, along with information like bank card details, device data, screen shots and uTorrent files. "What struck us was that most of the listed programs are game-related, which suggests that gamer accounts and their contents are in demand on the underground market," Kaspersky's Julia Glazova wrote in a blog post.
BloodyStealer is relatively cheap at $10 per month or around $40 for a lifetime license. Apparently the primary attack target is logs, or databases containing info used to access accounts. Those can then be offered to buyers via Telegram or a malware panel. In one example, Kaspersky showed a screenshot of a seller with 65,600 logs broken down by region, available for $150. They can also be sold individually — accounts with plenty of games, add-ons and expensive items are particularly valuable.


The trojan stood out to researchers for its clever construction, using anti-debugging tools that make it hard to reverse engineer. Information is sent as a ZIP archive to a command-and-control (C&C) server, protected against DDoS and other types of web attacks.

Kaspersky noted that it's seeing the malware around the globe and provided tips to avoid falling victim. It recommends buying apps only from official sources (not torrents) to avoid malware. It also recommends protecting your account with a strong password and, preferably, two-factor authentication. At the bottom of the post, it also provides guides to maxing out each platform's security settings.



Source:
https://www-engadget-com.cdn.amppro...rs-steam-gog-and-epic-accounts-105027673.html
 

notimp

Well-Known Member
Member
Joined
Sep 18, 2007
Messages
5,782
Trophies
1
XP
4,382
Country
Laos
Dear haxx0rs, please use your time differently than coding a toolkit targeting gamers, you then sell for 40USD, granting the buyer to create databases with all the worth of 150USD per 65,000 entries.

Regardless how much the dollar is worth - in your region - this sounds like a wrong career move. And aside that, what - Robin Hood now stealing from the tech interested poor, because its easier?

Here is an illustration:

Sadly in german, and only works if you've mastery of that language. Maybe you can bundle the earnings of 10 lifetime licenses, and buy an online language course. Or scrape/log someones Linda login data, or something.

Sincerely, ... at least target our grandparents. Thank you.
 
Last edited by notimp,
  • Like
Reactions: White_Raven_X

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
21,338
Trophies
3
Location
Space
XP
10,218
Country
Norway
Guessing it can't get Steam passwords since the password isn't actually stored on your computer. Unless it's also a keylogger.
Dear haxx0rs, please use your time differently than coding a toolkit targeting gamers, you then sell for 40USD, granting the buyer to create databases with all the worth of 150USD per 65,000 entries.

Regardless how much the dollar is worth - in your region - this sounds like a wrong career move. And aside that, what - Robin Hood now stealing from the tech interested poor, because its easier?

Here is an illustration:

Sadly in german, and only works if you've mastery of that language. Maybe you can bundle the earnings of 10 lifetime licenses, and buy an online language course. Or scrape/log someones Linda login data, or something.

Sincerely, ... at least target our grandparents. Thank you.
It's not primarily a career but something they do because they enjoy it and because they're good at it. At the same time they need to pay the bills so profit is tied into it somehow but it's not the reason they do it. If profit was the main reason then you are indeed right that there are better ways to make money with that skill set. White hat hacking is a very lucrative profession. But some people enjoy watching the world burn, and they can't do that as a white hat hacker.
 
  • Like
Reactions: White_Raven_X

notimp

Well-Known Member
Member
Joined
Sep 18, 2007
Messages
5,782
Trophies
1
XP
4,382
Country
Laos
It's not primarily a career but something they do because they enjoy it and because they're good at it. At the same time they need to pay the bills so profit is tied into it somehow but it's not the reason they do it. If profit was the main reason then you are indeed right that there are better ways to make money with that skill set. White hat hacking is a very lucrative profession. But some people enjoy watching the world burn, and they can't do that as a white hat hacker.
Depends on where in the world you are situated. If your best work opportunities come from your youth gang friends, who by now have connections into the seedier side of organized crime.. then training for your "one shot" of creating a middleware tool that literally can be your one shot - without that much risk attached, is understandable.

But gaming accounts? Rlly? I mean, have you looked at the payout? Have you looked into your past, where you very likely enjoyed those as well, judging from the profession you went with... ;)

So yeah - they do it because they can, and they are good at it, seems like the most likely explanation, still.

And because they are targeting clickworkers (rent and buy businessmodel), just dont. I mean... click on some ads, or find another toolset targeting other groups of society, please. Just looking at payout and something that comes close to a code of ethics.. Any code of ethics, really. :)

As in "dont slaughter the young people, maybe closest to becoming proficient in your career path - by making them afraid of... gaming and computers"

Just - the strangest of things... When even the guys at Kaspersky labs are like - "what the...".
 
  • Like
Reactions: White_Raven_X

FAST6191

Techromancer
Editorial Team
Joined
Nov 21, 2005
Messages
34,099
Trophies
2
Website
trastindustries.com
XP
22,987
Country
United Kingdom
Game key grabbers is nothing new and this seems like an evolution of it. I am sure the more clickbait/steam fanboy types would key in on epic being targetted. Though if I can trust Kapersky not wanting to talk themselves up (and having no clue as to the current build your own virus toolkits) then it being on the more sophisticated side of things intrigues me -- I was going to wonder if competition was a bit harsh (no better source of botnet than an opponent's existing botnet you do a takeover on).

Anyway such accounts can be a reasonable thing to launder money in, boost ratings as a service (buying steam followers/reviews/watchtime/playtime/live "viewers" is not as popular as twatter, facebook, youtube or instagram but is a thing), I know greenlight is dead but votes for your asset flip laundry device, possibly some straight up fraud through gifts/microtransactions/whatever nonsense steam et al are doing this week as a loyalty card scheme.
Working that up is considerably more advanced than here is list of names, addresses and credit card numbers from [big retailer] hence the probably lower price tag, ransoms could be a thing (bitcoins or we gift your games away, don't know if Steam/GOG/Epic are inclined for it)... plenty of scope for black hat earning options here.
 

Joom

 ❤❤❤
Member
Joined
Jan 8, 2016
Messages
5,996
Trophies
1
XP
5,793
Country
United States
Guessing it can't get Steam passwords since the password isn't actually stored on your computer. Unless it's also a keylogger.
Most likely. The way Steam stealers work is by forcing a logout on your account by clearing out client data. This way you have to log back in manually. So, just enable Steam Guard and you should be fine. I dunno why anyone wouldn't be using 2FA on everything possible anyway.
 

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
21,338
Trophies
3
Location
Space
XP
10,218
Country
Norway
Most likely. The way Steam stealers work is by forcing a logout on your account by clearing out client data. This way you have to log back in manually. So, just enable Steam Guard and you should be fine. I dunno why anyone wouldn't be using 2FA on everything possible anyway.
Because most sites aren't critical (and nobody would be interested in targeting users of them anyway), using 2FA on everything is a pointless hassle. I only use it where it actually matters.
 
  • Like
Reactions: White_Raven_X
General chit-chat
Help Users
    Psionic Roshambo @ Psionic Roshambo: Lol yeah