Steam Discussion Thread - Discussing Valve's online store (Possibly kept from collapsing into total decadence by a single fat guy)

  • 🏰 The Fediverse is up. If you know, you know.
  • Want to keep track of this thread?
    Accounts can bookmark posts, watch threads for updates, and jump back to where you stopped reading.
    Create account
Valve removes free horror game from Steam after players discover it contains malware that steals your data.

A game on Steam was found to contain malware that would steal login credentials, crypto and other stuff.

In short, a malicious attacker gained access to the developer's account for a small game called Rodent Race, replaced everything with a new game, made it free, and hid malware in a file called UnityPlayer.dll. He then proceeded to steal the information from anyone who downloaded the game. Apparently, and from what I've read, this was possible because Steam doesn't verify update files.

Here's a video that goes into more detail;


The game, now called Beyond The Dark, was removed from the store, though some keys still appear to be circulating from before the hijack. If you downloaded the game, you should consider updating your passwords (emails, crypto wallets, and other sensitive stuff) and run some anti-malware.
 
Most Wanted Banana said:
Valve removes free horror game from Steam after players discover it contains malware that steals your data.

A game on Steam was found to contain malware that would steal login credentials, crypto and other stuff.

In short, a malicious attacker gained access to the developer's account for a small game called Rodent Race, replaced everything with a new game, made it free, and hid malware in a file called UnityPlayer.dll. He then proceeded to steal the information from anyone who downloaded the game. Apparently, and from what I've read, this was possible because Steam doesn't verify update files.

Here's a video that goes into more detail;

https://youtube.com/watch?v=oC78inB5bZ4
The game, now called Beyond The Dark, was removed from the store, though some keys still appear to be circulating from before the hijack. If you downloaded the game, you should consider updating your passwords (emails, crypto wallets, and other sensitive stuff) and run some anti-malware.
Click to expand...

Its funny how this isnt the first time this happened and, if anything, hackers are catching on to this exploit (Steam verifies the base files on launch but doesnt any new ones on updates). This really is something for both devs and players to watch out for, especially the former because if their computers get hijacked, there is a chance the hackers can steal their games, update them with malware files and screw every player over.

Steam really should start analizing update files too
 
You must log in or register to reply here.
Back
Top Bottom