New malware is primarily going after gamers and their online gaming accounts. The BloodyStealer trojan malware is actively stealing valuable information such as passwords, in-game merchandise, upgrades, etc.
Gamers who access EA Origin, Steam, Epic Games, GOG, and other services could fall prey to the new malware. The creators of the BloodyStealer trojan are not only offering it as Malware-as-a-Service but also selling stolen information on the Dark Web and via Telegram.
BloodyStealer trojan malware can scrape multiple types of valuable gamer and gaming-related information:
Kaspersky, the maker of antivirus products, reportedly discovered an ad for BloodyStealer malware earlier this year. Back then, the creators of the trojan horse claimed it could steal passwords, cookies, bank card details, browser auto-fill data, device data, screenshots, desktop and uTorrent client files, and logs. They also hinted that valuable accounts of Bethesda, Epic Games, GOG, Origin, Steam, Telegram, and VimeWorld clients and their gaming sessions were also available.
Julia Glazova, a cybersecurity expert at Kaspersky, has mentioned the BloodyStealer trojan horse in a detailed blog post:
“What struck us was that most of the listed programs are game-related, which suggests that gamer accounts and their contents are in demand on the underground market.”
Some cybersecurity researchers claim gamers in Europe, Latin America, and the Asia-Pacific region are particularly at risk.
Malware available as a service, with stolen data available for sale as well:
The creators of the BloodyStealer trojan malware are actively offering the platform through a Malware-as-a-Service (MaaS) distribution model. Anyone interested in deploying the malware can easily purchase it on the Dark Web. The creators are offering the trojan horse for $10 per month or around $40 for a “lifetime license”.
BloodyStealer has multiple tools that its creators designed to make it difficult for security researchers and law enforcement to analyze. The malware packages the stolen data into a ZIP archive and sends it back to a Command and Control (C&C) server. The server is also protected against DDoS and other web-based attacks.
Researchers have discovered a new #malware, dubbed BloodyStealer, which steals account data from popular #gaming stores and apps, including Bethesda, Epic Games, GOG, Origin, Steam, #Telegram, and VimeWorld.
— The Hacker News (@TheHackersNews) September 28, 2021
The creators of the malware have even set up a rather simple but very effective distribution network for the stolen data. Interested buyers can either head to a Control Panel of the server or download data through the Telegram app.
How to protect online gaming accounts from BloodyStealer trojan malware?
It is important to note that the trojan horse spreads just like any other digital virus. Online accounts are of specific interest to the BloodyStealer trojan malware.
To protect accounts and their digital inventory, gamers must switch on Two-Factor Authentication (2FA). As always, only download software from official stores, and never blindly click on links that arrive in email or SMS messages.