Gaming is not just a good business for developers and manufacturers, but is also quite viable for cybercriminals. Steam Stealer malware is constantly evolving and its goal is to steal online gaming credentials and sell them on the black market.
In an industry worth over an estimated hundred billion US dollars, gaming is not just big business for developers and manufacturers, but for cybercriminals too. Steam Stealer is a constantly evolving breed of malware that is responsible for hijacking the user accounts of the popular gaming platform, Steam. The malware’s goal is to steal online gaming items and user account credentials, and then resell them on the black market. It is distributed to cybercriminals under a malware-as-a-service business model with an extremely low entry price of up to $30 USD.
Steam is one of the most popular entertainment multi-OS distribution platforms. Owned by Valve, it has over 100 million registered users and several thousand games available for download worldwide. Its popularity makes it a large and attractive target for fraudster groups, who can sell Steam user credentials for $15 USD on the black market. According to recently published official Steam data, 77,000 Steam accounts are hijacked and pillaged every month.
According to Kaspersky Lab researcher, Santiago Pontiroli, and his independent research colleague Bart P., a new breed of malware known as Steam Stealer is the prime suspect in the pilfering of numerous user accounts from Valve’s flagship platform. The duo believes the malware was originally developed by Russian-speaking cybercriminals; they have found many language traces in several underground malware forums to suggest this.
Steam Stealer works in a malware-as-a-service business model: it is available for sale in different versions, with distinct features, free upgrades, user manuals, custom advice for distribution, and more. When it comes to these types of malicious campaigns the usual starting price for “solutions” is in the range of $500 USD. However, Steam Stealers have a ludicrously low price, being commonly sold for no more than $30 USD. This makes the malware highly attractive for ‘wannabe’ cybercriminals all around the world.
The propagation of Steam Stealers is mainly, but not solely, done either via fake cloned websites distributing the malware, or through a social engineering approach, where the victim is targeted with direct messages.
Once the malware is in the user’s system it steals the entire set of Steam configuration files. Once this is done it locates the specific Steam KeyValue file that contains user credentials, as well as the information that maintains a user’s session. When cybercriminals have obtained this information, they can control the user’s account.
Stealing gamer accounts was once a resource-light way for script kiddies to make a quick profit, by selling them on underground forums. Now however, criminals have realised the true market value of these accounts. The opportunities now lie in stealing and selling user gaming items that may be worth thousands of dollars. Organised cybercriminals simply don’t want to leave that money on the table.
Kaspersky Lab experts have discovered nearly 1200 samples of different Steam Stealers that have been attacking tens of thousands of users around the world, especially in Russia and other Eastern European countries, where Steam’s platform is extremely popular.
“The gaming community has become a highly desirable target for cybercriminals. There has been a clear evolution in the techniques used for infection and propagation, as well as the growing complexity of the malware itself, which has led to an increase in this type of activity. With gaming consoles adding more powerful components and the Internet of Things on our doorstep, this scenario looks like one that will continue to play out and become more complex. At Kaspersky Lab, we hope that our research will develop into an ongoing investigation, bringing a much-needed balance to the gaming ecosystem. Security should not be something developers think about afterwards but at an early stage of the game development process. We believe that cross-industry cooperation can help to improve this situation,” comments Santiago Pontiroli, Global Research & Analysis Team, Kaspersky Lab.
Kaspersky Lab detects Steam Stealers trojan groups as: Trojan.Downloader.Msil.Steamilik; Trojan.Msil.Steamilik; Trojan-psw.Msil.Steam amongst others. Targets of these trojans are largely spread around the globe with Russia, the US, Europe (France and Germany), India and Brazil, leading the way.
To stay safe, users need an up-to-date security solution so they can enjoy their favourite games without the fear of being exploited. Most security products have a “gaming mode”, such as the one in Kaspersky Internet Security, so that users can enjoy their games without getting any notifications until the end of their session. In a bid to help its own users stay safe, Steam also offers several security measures to protect accounts and increase the difficulty for hijacking mechanisms.
Now download a bank account
Absa has introduced an end-to-end account opening for new customers, through the Absa Banking App, which can be downloaded from the Android and Apple app stores. This follows the launch of the world first ChatBanking on WhatsApp service.
This “download your account” feature enables new customers to Absa, to open a Cheque account, order their card and start transacting on the Absa Banking App, all within minutes, from anywhere and at any time, by downloading it from the App stores.
“Overall, this new capability is not only expected to enhance the customer’s digital experience, but we expect to leverage this in our branches, bringing digital experiences to the branch environment and making it easier for our customers to join and bank with us regardless of where they may be,” says Aupa Monyatsi, Managing Executive for Virtual Channels at Absa Retail & Business Banking.
“With this innovation comes the need to ensure that the security of our customers is at the heart of our digital experience, this is why the digital onboarding experience for this feature includes a high-quality facial matching check with the Department of Home Affairs to verify the customer’s identity, ensuring that we have the most up to date information of our clients. Security is supremely important for us.”
The new version of the Absa Banking App is now available in the Apple and Android App stores, and anyone with a South African ID can become an Absa customer, by following these simple steps:
- Download the Absa App
- Choose the account you would like to open
- Tell us who you are
- To keep you safe, we will verify your cell phone number
- Take a selfie, and we will do facial matching with the Department of Home Affairs to confirm you are who you say you are
- Tell us where you live
- Let us know what you do for a living and your income
- Click Apply.
How we use phones to avoid human contact
A recent study by Kaspersky Lab has found that 75% of people pick up their connected device to avoid conversing with another human being.
Connected devices are becoming essential to keeping people in contact with each other, but for many they are also a much-needed comfort blanket in a variety of social situations when they do not want to interact with others. A recent survey from Kaspersky Lab has confirmed this trend in behaviour after three-quarters of people (75%) admitted they use a device to pretend to be busy when they don’t want to talk to someone else, showing the importance of keeping connected devices protected under all circumstances.
Imagine you’ve arrived at a bar and you’re waiting for your date. The bar is busy, and people are chatting all around you. What do you do now? Strike up a conversation with someone you don’t know? Grab your phone from your pocket or handbag until your date arrives to keep yourself busy? Why talk to humans or even make eye-contact with someone else when you can stare at your connected device instead?
The truth is, our use of devices is making it much easier to avoid small talk or even be polite to those around us, and new Kaspersky Lab research has found that 72% of people use one when they do not know what to do in a social situation. They are also the ‘go-to’ distraction for people even when they aren’t trying to look busy or avoid someone’s eye. 46% of people admit to using a device just to kill time every day and 44% use it as a daily distraction.
In addition to just being a distraction, devices are also a lifeline to those who would rather not talk directly to another person in day-to-day situations, to complete essential tasks. In fact, nearly a third (31%) of people would prefer to carry out tasks such as ordering a taxi or finding directions to where they need to go via a website and an app, because they find it an easier experience than speaking with another person.
Whether they are helping us avoid direct contact or filling a void in our daily lives, our constant reliance on devices has become a cause for panic when they become unusable. A third (34%) of people worry that they will not be able to entertain themselves if they cannot access a connected device. 12% are even concerned that they won’t be able to pretend to be busy if their device is out of action.
Dmitry Aleshin, VP for Product Marketing, Kaspersky Lab said, “The reliance on connected devices is impacting us in more ways than we could have ever expected. There is no doubt that being connected gives us the freedom to make modern life easier, but devices are also vital to help people get through different and difficult social situations. No matter what your ‘connection crutch’ is, it is essential to make sure your device is online and available when you need it most.”
To ensure your device lifeline is always there and in top health – no matter what the reason or situation – Kaspersky Security Cloud keeps your connection safe and secure:
· I want to use my device while waiting for a friend – is it secure to access the bar’s Wi-Fi?
With Kaspersky Security Cloud, devices are protected against network threats, even if the user needs to use insecure public Wi-Fi hotspots. This is done through transferring data via an encrypted channel to ensure personal data safety, so users’ devices are protected on any connection.
· Oh no! I’m bored but my phone’s battery is getting low – what am I going to do?
Users can track their battery level thanks to a countdown of how many minutes are left until their device shuts down in the Kaspersky Security Cloud interface. There is also a wide-range of portable power supplies available to keep device batteries charged while on-the-go.
· I’ve lost my phone! How will I keep myself entertained now?
Should the unthinkable happen and you lose or have your phone stolen, Kaspersky Security Cloud can track and protect your device from data breaches, for complete peace of mind. Remote lock and locate features ensure your device remains secure until you are reunited.