BloodyStealer Trojan: New Malware Steals Gamers' Data, Passwords On Steam, GOG, Origin, Epic

Malicious actors are currently targeting gamers by using new malware to gain access to and steal information from their Steam, GOG, Epic Games and EA Origin accounts, according to a new report.

Cybersecurity firm Kaspersky, which dubbed the malware BloodyStealer, warned gamers that the malicious software is capable of scraping information from session data and passwords on the aforementioned sites.

The trojan is reportedly being advertised and sold on the dark web and darknet forums for $10 a month or $40 for a "lifetime license." The cybersecurity firm first spotted BloodyStealer in March.

Aside from session data and passwords, researchers at Kaspersky believe BloodyStealer can also scrape information like device data, desktop files, bank details, memory logs, uTorrent files and screenshots. The data collected by the malware are then exfiltrated to a remote server, where they are most likely monetized via Telegram channels or darknet platforms.

Kaspersky further revealed that since the malware's discovery, it's been detected to have been used in attacks targeting people in Latin America, Europe and the Asia Pacific.

"BloodyStealer is still quite new on the market when compared to other existent malware tools; however, by analyzing available telemetry data, we have found detections of BloodyStealer in Europe, Latin America and the APAC region," Kaspersky noted in a blog post. "At the time of the investigation, we observed that BloodyStealer mostly affected home users."

Gamers become vulnerable to the attack when they download questionable files or apps, most of which come with features that allow them to cheat on games. This means that to protect their devices from the BloodyStealer and other malware, gamers should remain vigilant and avoid getting suspicious apps or files as they could come with malware.

Moreover, it is important for gamers to secure their accounts using two-factor authentication. For those looking to get games or sign up for gaming-related subscriptions, it is safer to have them from official sites.

"BloodyStealer is a prime example of an advanced tool used by cybercriminals to penetrate the gaming market," Kaspersky explained. "With its efficient anti-detection techniques and attractive pricing, it is sure to be seen in combination with other malware families soon."