A PC game on Valve’s Steam store has been discovered distributing malware and stealing users’ cryptocurrency, draining an estimated $150,000.
BlockBlasters was released on July 30 as a 2D action title. But this past weekend, users noticed the title was secretly installing malware on their PCs that could hijack cryptocurrency wallets.
The threat played out in real time as a live streamer reacted to the malware draining $32,000 in cryptocurrency from a fund to cover their cancer treatment. A group of security researchers has since investigated and found that the malware infected as many as 261 users.
ZachXBT, an anonymous cryptocurrency researcher well-known for exposing scams, added that the malware appeared to steal over $150,000 from victims.
The attack worked by essentially using BlockBlasters as a Trojan horse, which was updated starting on Aug. 30 with malware files. To entice users to download the game, the hacker apparently messaged cryptocurrency holders to try out BlockBlasters as a paid promotion, according to the malware library organization Vx Underground.
Once the game is downloaded, the malware collects information from the user’s PC, including browser extensions and cryptocurrency wallet details.
Valve didn’t immediately respond to a request for comment. But the Steam store has delisted BlockBlasters. However, a researcher for the cybersecurity vendor G Data says it flagged BlockBlasters as a threat to Valve a week ago.
This Tweet is currently unavailable. It might be loading or has been removed.
The good news is that security researchers say they’ve uncovered “mountains of technical evidence” linking the malware to the hacker. This includes communication with the hacker, who was using the messaging app Telegram.
The live streamer who lost their cancer fund treatment to the malware has since been compensated through other donations. Still, the incident is at least the fourth case of malware being spotted on the Steam store through little-known games, which is raising questions about Valve’s vetting. The threat seems to emerge if a released game is later updated with malware, and it’s unclear if Valve runs any antivirus scans.
About Our Expert
I’ve been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I’m currently based in San Francisco, but previously spent over five years in China, covering the country’s technology sector.
Since 2020, I’ve covered the launch and explosive growth of SpaceX’s Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I’ve combed through FCC filings for the latest news and driven to remote corners of California to test Starlink’s cellular service.
I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. Earlier this year, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.
I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I’m now following how President Trump’s tariffs will affect the industry. I’m always eager to learn more, so please jump in the comments with feedback and send me tips.
-
Starlink App Adds ‘Event Log’ to Explain Satellite Connection Issues
-
Again? Microsoft Issues a New Price Hike for Xbox Consoles
-
SpaceX Eyes 15,000 More Satellites for Cellular Starlink, Hints at Carrier Plans
-
Is Starlink Bad for the Environment? FCC Doesn’t Think It Should Weigh In
-
After Nvidia Deal, What Happens to Intel’s Graphics Tech? It’s Sticking Around
-
More from Michael Kan
