As of the end of June, the value of stolen cryptocurrency had reached $3 billion, exceeding the losses for the entire previous year. And this is far from over. A cybercriminal known as EncryptHub (or Larva-208) used the popular Steam gaming platform to spread ransomware.
Chemia is a survival adventure game that immerses the player in a world devastated by a catastrophic natural disaster. The game was not officially released, but was in early access. This approach helps developers receive constant feedback from the community to find bugs, balance gameplay, and make improvements.
The first infection of Chemia game files occurred on July 22. EncryptHub added a Trojan downloader that runs along with the main program. The downloader lodges itself on the infected machine and spreads Fickle Stealer, HijackLoader, and Vidar. Vidar is an information stealer that uses public networks as part of its Command & Control (C2) infrastructure.
HijackLoader is a malware loader used to download additional malware (e.g., Trojans like Danabot or RedLine) to infected computers. Fickle Stealer is a relatively new information stealer that uses PowerShell scripts to bypass User Account Control (UAC) and can steal confidential files, system information, data stored in the browser, cryptocurrency wallet details, and more.
Depending on what is stored on the infected device, gamers may face consequences ranging from direct financial losses to identity theft.
Chemia has now been removed from Steam. And on SteamDB, the game has been labeled as potentially dangerous.
Source: Prodaft