A pre-release game that launched on leading PC storefront Steam contained malware designed to target victims’ cryptocurrency wallets and personal data, according to a report from cybersecurity firm Prodaft.

Chemia, a survival game developed by Aether Forge Studios, was loaded by cybercriminal group EncryptHub (aka Larva-208) on July 22 with three types of malware: Hijack Loader, Fickle Stealer, and Vidar Stealer, Prodaft reported. 

The former enables hackers to deploy privacy-breaching programs on an infected device. The latter two pieces of software aim to exploit digital asset wallets, in addition to accessing user data from web browsers, password managers, and other applications.

Tech outlet Bleeping Computer was first to report on the alleged malware-infested game. Following the report, Steam appears to have removed Chemia from its platform. A link to the game redirects visitors to the Stream homepage.

Steam did not immediately reply to Decrypt's inquiry into the apparent removal of the game.

Chemia debuted via Steam Early Access, which allows users to download video games that are still under development and may have bugs or limited features.



The malware appeared to be linked to a Telegram channel, where the cybercriminals could manage the software, steal data, and launch attacks, according to Prodaft.

Steam's security scare comes amid a global rise in cyberattacks. 

Malware infections have risen 87% over the past 10 years, according to data compiled by Statista. Global cyber-economy researcher Cybersecurity Ventures forecasts cybercrimes will inflict $10.5 trillion in damages by the end of 2025, up from $3 trillion in 2015.

EncryptHub launched a spear-phishing and social engineering campaign with the same malware last year, compromising more than 600 organizations. 

Amid the global rise in exploits, Steam has fielded several cases of malware infiltrating games on its Early Access platform. In March, malicious software was found in the game Sniper: Phantom’s Resolution. A month earlier, reports emerged that the title PirateFi appeared to contain a Windows-based malware designed to harvest sensitive information from unsuspecting downloaders’ devices. 

Steam did not immediately respond to Decrypt's request for comment on its process for vetting video games listed on its Early Access platform. 

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。