Recently, Kaspersky Lab, famous for its antivirus products, issued a press release describing a new trojan making waves on the internet that specifically attacks popular online gaming platforms and steals critical user information.
According to researchers at Kaspersky, an advanced trojan dubbed “The BloodyStealer” is being sold on darknet forums and other illegal websites. BloodyStealer is a Trojan-stealer capable of gathering and exfiltrating various types of data, including cookies, passwords, forms, bank cards from browsers, screenshots, log-in memory, and sessions from various applications. These applications specifically include gaming platforms such as EpicGames, Origin, and Steam. It has advanced built-in features to avoid analysis and detection, a low subscription price, and some interesting capabilities to hide its tracks.
Kaspersky’s research showed that accounts with high-value inventories and/or games are in demand on the darknet. Darknet sellers also offer combinations of gaming logins and passwords for popular platforms such as Steam, Origin, Ubisoft, or EpicGames for as little as $14.20 per thousand accounts, and for 1-30% of an account’s value when sold individually. The researchers speculated that these accounts come from the rising number of BloodyStealer victims and from other cybercriminal campaigns employing similar types of keyloggers or trojans.
The trojan was first spotted by researchers in March, when it was advertised on darknet forums as being capable of evading detection and protected against reverse engineering and malware analysis in general. BloodyStealer was sold on the underground forums at an attractive price of less than $10 for a 1-month subscription or $40 for a lifetime subscription. Since March, Kaspersky experts have detected BloodyStealer attacks in only some places in Europe, Latin America, and the Asia-Pacific region.
The report recommended some prevention methods, such as:
1. Using two-factor authentication where possible.
2. Not clicking on any links to external sites from the game chat, and carefully checking the address of any resource that asks you to enter your username and password; the page may be fake.
3. Not downloading any pirated software or games, even if you are redirected to the webpage from a well-known and legitimate website.
4. Using a strong, reliable security solution on all your devices and monitoring for unwanted internet activity.