A supposedly harmless platform named Blockblasters turned out to be a sophisticated cryptocurrency theft. Hundreds of Steam users have lost over $ 150,000, including a cancer stream, which was stolen $ 32,000.
Harmless indie title becomes a trap
An apparently harmless indie game on Steam has turned out to be a sophisticated malware campaign that has led hundreds of users around their cryptocurrency stocks. Blockblasters, a 2D platform game, was available on the gaming platform from July 30th to September 21st and captured a total of over $ 150,000 of $ 261 Steam accounts. The game published by Genesis Interactive initially received positive reviews of unsuspecting players.
The situation changed dramatically on August 30, when the developers published an apparently harmless patch, which, however, contained malignant components. What was disguised as a normal update turned the game into a digital safe cracker. As Bleeping computer reported, the victims were selected in a targeted manner after they had been identified on Twitter as administrators of considerable cryptocurrency stocks. This strategic approach explains the exceptionally high success rate of the campaign.
Tragic case of a cancer stream
The case of the Latvian streamer Raivo Plavniek is particularly tragic, known as RastlandTV. The content creator, suffering from a step-4-sarcoma, lost over $ 32,000 during a live broadcast for a donation collection for his cancer treatment. A spectator had recommended him to download the supposedly verified Steam game.
For everyone who is wondering what is going on with the $ Cancer Livestream … My life was saved for 24 hours until someone came into my stream and brought me to download a verified game on Steam Raivo Plavnieks alias RastlandTV
Within a few moments after installation, the entire donation money disappeared from his crypto wallet, while his emotional collapse was broadcast live in front of thousands of spectators.
Three -stage attack mechanism
The malware operated through a sophisticated three -stage infection mechanism. The attack started with a batch file called “Game2.bat”, which was automatically carried out at the start of the game. This file added the target folder to the exception list from Microsoft Defender, which caused it to ignore security scans and behavioral checks.
The malware systematically collected Steam accounting data, IP addresses and location information from the victims. This data was then transferred to a command and control server. In addition, the software targeted browser extensions and cryptocurrency wallet data in order to make maximum financial damage. The use of password-protected ZIP archives with the simple password “121” was particularly sophisticated to hide the malignant payloads during the download. GDDA researcher Karsten Hahn also documented a python backdoor and a stealc protection load that was used together with the batch stealer.
Despite the sophisticated campaign, the cybercriminals also made decisive mistakes. The investigators discovered that the attackers had revealed their telegram bot code and their tokens, which made it possible to draw conclusions about their identity. There are unconfirmed reports from Osint experts who are said to have identified the threat player as Argentine immigrants in Miami. It is currently not known whether the authorities have already reacted or were successful.
Solidarity of the crypto community
After public announcement of theft, the cryptocurrency community showed remarkable solidarity. Crypto-influencer Alex Becker confirmed that he had sent $ 32,500 to a new, safe wallet for Plavnieks to completely replace the stolen amount. The game has now been removed by Steam, but Valve has not yet made an official statement on the incident. Security experts strongly recommend that affected users change their Steam passwords immediately and to transfer their digital assets into new, safe wallets.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.
