Sunday, October 12, 2025

Verified Steam game steals streamer's cancer treatment donations



A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named Block Blasters that drained his cryptocurrency wallet.

Block Blasters is a 2D platformer that was available on Steam for almost two months, between July 30 and September 21. The game was safe until August 30, when a cryptodrainer component was added.

Published by developer Genesis Interactive and no longer on Steam, the retro-styled game was a free-to-play title promising fast-paced action with responsive controls, and had several hundred 'Very Positive' reviews on the gaming platform.

The malicious component in the game was revealed during a live fundraiser by video game streamer RastalandTV, who was trying to raise funds for life-saving treatment for stage 4 high-grade sarcoma.

The gamer also started a GoFundMe crowdfunding campaign to receive donations. At the time of writing, the goal is 58% complete. However, some members of the crypto community offered to cover the loss. Crypto influencer Alex Becker said that he sent Rastaland $32,500 to a safe wallet.

As the Latvian gamer explains, he lost more than $32,000 after downloading a verified game on Steam.

The malicious game on Steam
Source: Internet Archive

Crypto investigator ZachXBT told BleepingComputer that the attackers appear to have stolen a total of $150,000 from 261 Steam accounts.

The VXUnderground security group, which has also been following the attack, reports a higher victim count of 478, and published a list of usernames, urging their owners to immediately reset their passwords.

Reportedly, these people were explicitly targeted after being identified over Twitter as managing significant cryptocurrency amounts, and were presumably sent invitations to try out the game.

A team of researchers published a brief report detailing the dropper batch script, which performs environment checks before it collects Steam login information along with the victim's IP address, and uploads the data to a command and control (C2) system.

GDATA researcher Karsten Hahn additionally documented a Python backdoor, and a StealC payload, used alongside the batch stealer.

Data theft routine
Source: @struppigel | X

Investigators also highlighted an operational security failure where the attackers left their Telegram bot code and tokens exposed.

There are unconfirmed reports that OSINT specialists participating in the hunt identified the threat actor as an Argentinian immigrant living in Miami, Florida.

BleepingComputer has contacted Valve for a comment on Block Blasters and the alleged inaction following multiple reports, but we have not received a response by publication time.

The Block Blasters incident is not an isolated one on Steam. Similar cases earlier this year include the Chemia survival crafting game, Sniper: Phantom's Resolution, and PirateFi, all of which infected unsuspecting victims with information-stealing malware.

If you have installed Block Blasters on your computer, it is recommended to reset your Steam passwords immediately and move your digital assets to new wallets.

In general, it is advisable to be cautious with Steam games that have a small number of downloads and reviews, and also titles in 'beta' development stage, as these can hide malware payloads.
