A new information-stealing trojan, dubbed “Bloody Stealer,” is being used by bad actors to steal gaming accounts across the globe. The threat has shown up on multiple gaming platforms, including Steam, Epic Games Store, and EA Origin.
This new trojan reared its ugly head in the gaming industry in March of 2021. The malware is capable of stealing and collecting a broad range of sensitive information belonging to gamers, including passwords, banking information, cookies, and other information logged from sessions across various applications.
Who Is Being Targeted?
While Bloody Stealer seems to have been made for stealing more than just game-related information, so far, users of the malware have largely been targeting gaming platforms. Notable platforms such as EA Origin, Steam, Epic Games, GOG Galaxy, and more have already been susceptible to attacks from cybercriminals using this malware. Bloody Stealer is largely used to harvest account information, which its operators later sell in underground markets.
The malware is being used on a global scale, attacking gamers worldwide. Since its initial discovery, the use of Bloody Stealer has been detected in malware attacks in Latin America, the Asia-Pacific region, and Europe.
What Is Being Stolen?
Game logs, account information, and in-game goods have all been stolen by users of this trojan. These are just some of the game-related items being collected by operators of Bloody Stealer; the account information is later sold on the darknet.
According to its developers, Bloody Stealer’s complete list of stealing capabilities includes:
- Grabbing cookies, forms, passwords, and bank cards from browsers
- Stealing all information about the PC, including screenshots
- Stealing sessions from Bethesda, EA Origin, Epic Games, GOG, Steam, Telegram, and VimeWorld
- Stealing files directly from the desktop
- Stealing files from the uTorrent client
- Collecting logs from the PC memory
How Does It Work?
Bloody Stealer is sold to VIP members of underground forums through private channels. The information stealer is offered under a subscription model at an affordable price of around $10 per month or $40 for a lifetime license. This trojan is attractive to buyers not only for its stealing capabilities but also because it comes with anti-analysis and data exfiltration capabilities. These include detection evasion, duplicate logging protection, and reverse engineering protection.
Gamers are usually targeted with malware-laced game cheat tools and mods. Game cheats have long been a known source of malware infections, infecting cheating gamers with various malware, such as remote access trojans and cryptocurrency miners.
Bloody Stealer is an advanced tool being used by cybercriminals to infiltrate the gaming market, but its anti-detection techniques and attractive pricing are likely to be seen with other malware families soon. To stay safe while gaming, we recommend using a strong security solution to protect you from malware. Visit Quantum Star Technologies to see how Starpoint protects passwords, cookies, and other sensitive data with AI-powered malware detection.