Kaspersky Lab warns PH Steam gamers of account stealers
A new breed of malware known as Steam Stealer is the prime suspect in stealing numerous user accounts from Valve’s flagship platform, Steam. Kaspersky Lab warns us, Filipinos, to be careful enough to secure our gaming identities.
Having over 100 million registered users, Steam is one of the most popular entertainment multi-OS distribution platforms. Going by recent reports, 77,000 Steam accounts are hijacked and pillaged every month.
Dubbed as the Steam Stealer, the goal of this malware is to steal online gaming items and user account credentials, and then resell them on the black market.
According to Kaspersky Lab, it works with a malware-as-a-service business model that steals the entire set of Steam configuration files. Once this is done it locates the specific Steam KeyValue file that contains user credentials, as well as the information that maintains a user’s session. When cybercriminals have obtained this information, they can control the user’s account.
This type of business model isn’t new, and the accounts are commonly sold to black market for about $500. But in the case of the Steam Stealers, they sell the accounts for no more than $30. This makes the malware highly attractive for wannabe cybercriminals all around the world.
Kaspersky Lab researchers strongly believe that the malware was originally developed by Russian-speaking cybercriminals since they found a number of language traces in several underground malware forums.
Here in the Philippines, there are low incidents of recorded Steam Stealer infiltration, but gamers still need to stay vigilant and maintain their gaming identities private.
“The number of monitored Steam Stealer attacks against Filipino gamers are minimal compared to those recorded in Russia, US and Europe. But those few incidents can increase anytime. says Anthony Chua, Territory Channel Manager for the Philippines and Singapore at Kaspersky Lab Southeast Asia.
To do this, they provided three pillars of basic gaming security:
- Beware of phishing campaigns and unfamiliar gamers. Double check the website you are redirected to via the link in the received email and the extension of a file you are going to open.
- Use strong and unique passwords. Lots of accounts get hacked as a result of weak password management. Alternatively, you can also use a password manager.
- Do not turn off your antivirus! If you don’t have one, install a good solution. And a special tip for all Kaspersky users: here you can find a detailed manual on how to turn on the Gaming Profile option. It will optimize settings of all antivirus components.