Kaspersky researchers have discovered an advanced Trojan, dubbed BloodyStealer, which targets user accounts of popular online gaming platforms.
The advanced stealer is sold on darknet forums. It is used to steal player accounts on popular gaming platforms such as Steam, Epic Games Store, and EA Origin, Kaspersky said.
BloodyStealer's features include scan and detection avoidance, a low subscription price, and other capabilities.
As Kaspersky's latest research shows, in-game goods and gaming accounts are in demand on the darknet.
Combinations of game logins and passwords for popular platforms such as Steam, Origin, Ubisoft, and EpicGames can be listed for sale at prices as low as $14.2 per thousand accounts when sold wholesale, and for 1 to 30% of the value of an account when sold separately.
“These stolen accounts are not the result of accidental data leaks, but the result of deliberate cybercrime campaigns that use malware such as BloodyStealer,” he said.
“BloodyStealer is a Trojan horse thief capable of collecting and exfiltrating various types of data, for cookies, passwords, forms, browser bank cards, screenshots, login memory and sessions of various applications. These include games – EpicGames, Origin and Steam in particular,” he added.
Kaspersky researchers first spotted the malware in March, when it was advertised as being able to evade detection and as protected against reverse engineering and general malware analysis. It is sold on underground forums for less than $10 for a one-month subscription or $40 for a lifetime subscription.
The malware stood out to researchers because of the many anti-analysis methods used to complicate its reverse engineering and analysis, including the use of packers and anti-debugging techniques.
“The thief is sold in the underground market and customers can protect their sample with a packer they prefer or use it as part of another multi-stage infection chain,” he explained.
Kaspersky experts have detected attacks using BloodyStealer in Europe, Latin America and the Asia-Pacific region.
While BloodyStealer is not designed exclusively to steal gaming-related information, the platforms it can target indicate the demand for this type of data among cybercriminals. Logs, accounts, and in-game goods are all sold on the darknet, wholesale or individually, at an attractive price.
“Despite the fact that cybercriminals have various options if they want to buy or hire a thief and then use it in their chain of attack, BloodyStealer definitely got users’ attention on one of the underground forums,” Dmitry Galov, security researcher at Kaspersky’s Global Research and Analysis Team, commented.
“This thief has some cool abilities, such as mining browser passwords, cookies, and environmental information. The developers behind this thief have also added features, such as entering information related to online gaming platforms. This information can then be sold on various underground platforms or Telegram channels dedicated to selling access to online gaming accounts,” said Galov.
“Gaming accounts are clearly stalked by cybercriminals, so if you want to enjoy the game with peace of mind and not worry about your credit or in-game accounts going missing, be sure to protect your account with two-factor authentication and use a reliable security solution to protect your devices,” Galov added.