Cramping malicious software is something that every PC gamer might have come across once during the course of fooling around in video games, but encountering such a malware that wipes everything clean and leaves you with an empty online wallet is nothing less than nightmare. Unfortunately, a similar, yet unusual kind of malware is being advertised via the chat feature of an immensely popular video game live-streaming website called Twitch. The malware first tricks its target and then logs into the Steam account of the target and wipes everything including the linked wallet, and any valuable items.
Hackers Shamelessly Stealing Everything From Steam Accounts Using Cruel Malware Advertised on Twitch Chat Forums
Internet is sometimes a very horrible place, especially for those who conform to acquire several valuable items in a linked online account, and then get tricked into giving that account away. Currently, something similar is going on at the chat forums managed by Twitch, which is an immensely popular live-streaming destination for players. Gamers are being targeted by a cruel malicious software that gets into accounts on Steam, which is a digital video game content distribution and multiplayer social networking platform developed by Valve Corporation, and spends their money without authorization.
The malware was first reported by a Finnish security firm F-secure, according to which, the vulnerability originates from an automated Twitch-bot account that strikes Twitch chat forums and starts spamming users with invites to participate in a weekly raffle for a chance to win expensive video game content such as Counter-Strike: Global Offensive items. Should users take the bait and they are redirected to a Java app that requires them to fill in their name and email addresses. Well, that looks pretty flat until now, but it isn't.
After users further get themselves into the trouble unknowingly by entering their email addresses, the app quietly proceeds to install a program known as "Eskimo" on their computers that manipulates their Steam account with the ability to:
• Take screenshots
• Add new friends in Steam
• Accept pending friend requests in Steam
• Initiate trading with new friends in Steam
• Buy items, if user has money
• Send a trade offer
• Accept pending trade transactions
• Sell items with a discount in the market
Eskimo does not ask for your Steam account's password as most PC gamers log into their accounts as soon as they turn on their computers. It just quietly keeps working to give you a terrible surprise. When you switch to Steam client, you see your inventory wiped out clean. All of the valuable items are traded away and all of the cheap ones are sold for money. Using that many, hacker behind the malware makes further purchases and trades them back to himself. Report states that currently the all items from hacked accounts are being traded with an account known as Youni for nothing in return, however, the name keeps changing, proving that this is not the work of a single hacker.
The malware even sucks your Steam wallet dry, leaving you with nothing but a clean account as if you just logged into a new one. On the brighter side, the good news is that is very easy to avoid being bankrupt by this malware; Simply, don't click on strange links appearing in Twitch chat, and take some time out to initiate a standard antivirus sweep that will take care of the malware if it has already been installed. If you are one of those unfortunates who have already lost everything to this, try contacting Valve customer service, that might be your last hope.