Do You Use Steam for PC Gaming? Watch Out for this New Malware!


Malware has traditionally targeted industries that are exceptionally profitable. For example, hackers like to target retailers for their wealth of financial credentials. One of the most profitable industries, entertainment, is also subject to similar torment, including Steam, the PC gamer’s most valuable tool for gaming binges.

Steam is a web-based distribution platform developed by Valve Corporation, which provides multiplayer gaming, among various other services, to gamers. In a way, it can be compared to cloud computing. With over 140 million active users, Steam is one of the most prominent online gaming retailers out there. In October 2013, it was estimated that 75 percent of all games purchased online were through Steam. If nothing else, Steam is a valid online computing outlet that hackers want to take advantage of.

Over time, gamers’ accounts can accrue a “value” of sorts, be it through a collection of purchased game titles, virtual items, or currency, all of which can potentially be stolen by hackers. These items might seem trivial, but they’re giving rise to a new type of hacker on the Steam scene; those who take advantage of Steam Stealer, a new type of malware that helps both experienced hackers and would-be chumps steal in-game items, currency, and other “valuable” assets from other users. This entrance to cybercrime could be seen as a slippery slope. If users find that they can steal in-game items and other valuables, they might one day decide to see if they can exploit other aspects of their rivals’ accounts, like their real-world wallets.

The most dangerous part of Steam Stealer is how easy and affordable it is to take advantage of. People who have no knowledge of malware can easily use Steam Stealer thanks to its included specializations, user manuals, APIs, and its price tag of $15. Other malware-as-a-service offerings are much more expensive and complicated to get involved with, while Steam Stealer makes it exceptionally easy to get a taste of the cyber crime scene. And once they get a taste of the proverbial slice of the Steam-pie, what’s stopping them from eating the whole thing?

In the end, these hackers won’t be satisfied until they hit the real goldmine: the wealth of financial information stored from purchasing games, and other products, through Steam’s online interface. Steam experiences its fair share of account takeovers (around 77 thousand accounts suffer from this every month), so it’s logical to assume that many hackers are after the lucrative information stored within these accounts.

As is to be expected, the best way to keep Steam safe from hackers is to practice a combination of two-factor authentication, and to remain vigilant for potential phishing scams. Changing passwords regularly also helps to keep your security in top order, and keeping a close eye on URLs can prevent potential account compromisation before it occurs.

Do these tips sound familiar? They are all, more or less, valuable tips to help you stay safe online, whether at work or at play. Just because Steam is a gaming platform doesn’t mean that there aren’t valuable lessons in cybersecurity that can be learned from it. Gamers see their precious inventories as valuable assets that cannot be replaced, much in the same way that a business owner must protect their organization’s network infrastructure and the data stored within.

If you’re concerned about the status of your data security, reach out to us at 810.230.9455. While we might not be able to help secure your Steam library, we can most certainly help with your business’s data security practices.