TechSpot - BloodyStealer 'advanced' trojan steals accounts from most major gaming platforms
PSA: If you are a gamer, watch out for a new trojan that can steal your account credentials for just about any major platform. Kaspersky just disclosed its research, so most antivirus suites should have protections against it soon, so keep your security updated.
On Monday, Kaspersky researchers detailed a new ‘advanced’ trojan called ‘BloodyStealer’ that targets users' gaming accounts. The trojan can scrape data from PCs, including passwords, cookies, bank card details, screenshots, and more. It can also steal client sessions from Bethesda, Epic Games, GOG, EA Origin, Steam, Telegram, and VimeWorld. Kaspersky found the malware back in March in an ad on an underground forum.
The researchers say the malware has already been deployed in Europe, Latin America, and the Asia-Pacific region despite being relatively new. BloodyStealer also has tools that protect it against analysis.
Kaspersky says that the sellers use a ‘malware-as-a-service (MaaS) distribution model.’ It only costs around $10 per month or $40 for a lifetime license, making it attractive for those wishing to steal gaming accounts.
It also makes it highly profitable for thieves selling the account info. One seller on the dark web was found asking for $4,000 for a bulk list of 280,000 accounts. Customers looking to pick up an individual game profile can easily find them for less than 50 cents, making it just as attractive for those not wanting to use the trojan.
Although Kaspersky discovered the malware early in the year, it waited to disclose it publicly until it had mitigation methods in place for its antivirus platform.
The researchers advise other common-sense measures like using strong passwords with 2FA enabled, only downloading apps from trusted sources, making sure websites asking for your credentials are authentic, and not clicking links in emails from strangers. Kaspersky also provides guidance for maxing out the security settings on several platforms, including Steam, Battle.net, Origin, Twitch, and Discord.”
My thoughts: This should have already been updated in your security software.