A gamer looking for monetary assist for most cancers therapy misplaced $32,000 after downloading from Steam a verified recreation named Block Blasters that drained his cryptocurrency pockets.
Block Blasters is a 2D platformer that was accessible on Steam for nearly two months, between July 30 and September 21. The sport was protected till August 30, when a cryptodrainer element was added.
Revealed by developer Genesis Interactive and not on Steam, the retro-styled recreation was a free-to-play title promising fast-paced motion on responsive controls, and had just a few hundred ‘Very Optimistic’ critiques on the gaming platform.
The malicious element within the recreation was revealed throughout a stay fundraising from online game streamer RastalandTV, who was attempting to lift funds for all times saving therapy towards stage 4 high-grade sarcoma.
The gamer additionally began a GoFundMe crowdsourcing marketing campaign to obtain donations. On the time of writing, completion of the purpose is at 58%.
Because the Latvian gamer explains, he misplaced greater than $32,000 after downloading a verified recreation on Steam.
Supply: Web Archive
Crypto investigator ZachXBT instructed BleepingComputer that the attackers seem to have stolen a complete of $150,000 from 261 Steam accounts.
VXUnderground safety group, who has additionally been following the assault, reviews a better sufferer depend of 478, and revealed an inventory of usernames, urging their homeowners to instantly reset their passwords.
Reportedly, these folks had been explicitly focused after being recognized over Twitter for managing important cryptocurrency quantities, and had been presumably despatched invites to check out the sport.
A group of researchers revealed a short report detailing the dropper batch script that performs surroundings checks earlier than it collects Steam login info together with the sufferer’s IP handle, and uploads the info to a command and management (C2) system.
GDATA researcher Karsten Hahn additionally documented a Python backdoor, and a StealC payload, used alongside the batch stealer.
Supply: @struppigel | X
Investigators additionally highlighted an operational safety failure the place the attackers left their Telegram bot code and tokens uncovered.
There are unconfirmed reviews that OSINT consultants collaborating within the hunt recognized the menace actor as an Argentinian immigrant residing in Miami, Florida.
BleepingComputer has contacted Valve for a touch upon Block Blasters and the alleged inaction following a number of reviews, however we’ve got not obtained a response by publication time.
The Block Blasters incident isn’t an remoted one on Steam. Related circumstances earlier this yr embrace the Chemia survival crafting recreation, Sniper: Phantom’s Decision, and PirateFi, all of which contaminated unsuspecting victims with information-stealing malware.
When you have put in Block Blasters in your pc, it’s endorsed to reset your Steam passwords instantly and transfer your digital property to new wallets.
Basically, it’s advisable to be cautious with Steam video games which have a small variety of downloads and critiques, and likewise titles in ‘beta’ growth stage, as these can cover malware payloads.
46% of environments had passwords cracked, practically doubling from 25% final yr.
Get the Picus Blue Report 2025 now for a complete take a look at extra findings on prevention, detection, and information exfiltration tendencies.
