Cybercriminals are increasingly targeting gamers and their online accounts with new malware called BloodyStealer, Kaspersky says.
Last March, analysts at the cybersecurity giant discovered communications exchanged around BloodyStealer, a malware capable of stealing passwords, taking screenshots, and harvesting cookies or even bank identifiers, desktop and uTorrent client files, logs, and login sessions from clients of Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and VimeWorld.
Although BloodyStealer is relatively young, the malware has already been used to attack and infect users in Europe, Latin America, and the Asia-Pacific region. To achieve this reach, its creators rely on a “malware as a service” (MaaS) distribution model. BloodyStealer can be rented on the dark web for a subscription of $10 per month, while buying a “lifetime license” costs $40.
In addition to its ability to steal sensitive data from its victims, BloodyStealer has a suite of tools designed to hide its presence from IT security suites and international authorities. The malware sends the stolen data as a ZIP file to its C&C server, which is protected against DDoS attacks and other online attacks. From there, cybercriminals use the standard control panel, or Telegram, to access victims' personal information or various accounts.
Gamers, target number one
While BloodyStealer poses a serious threat to gamers, it is just one of the many tools available on the dark web to steal their accounts. Cybercriminals sell other types of malware, and underground hacking forums often feature advertisements offering to post a malicious link on popular websites or distribute tools that automatically generate phishing forms.
One of the most popular products traded on the dark web is the “log”. It gives access to multiple pieces of private data that allow a buyer to sign in to stolen user accounts. In addition, it is geolocated, which gives interested cybercriminals a higher success rate.
Hackers who use BloodyStealer also trade access to specific game accounts, both individually and in bulk. Accounts with many expensive games, add-ons, and virtual items are especially valuable, although they are often sold for a very low price. For example, in a recent ad observed by Kaspersky, a cybercriminal offered 208,000 online gaming accounts for just $4,000. Similarly, games are often sold for a fraction of their value on the dark web, and copies of Need For Speed Heat or Madden NFL 21 cost less than 0.50 cents.
To avoid falling victim to BloodyStealer or other types of malware and cyber attacks targeting gamers, Kaspersky recommends that users enable two-factor authentication (2FA) on their online accounts, download applications and software only from official stores, be careful with links in emails and messages from unknown senders, verify the authenticity of websites before creating a personal account, and protect their devices with antivirus software.