Security News > 2021 > September > New BloodyStealer Trojan Steals Gamers' Epic Games and Steam Accounts
A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users' accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA Origin, underscoring a growing threat to the lucrative gaming market.
The information harvested from gaming apps, such as Bethesda, Epic Games, GOG, Origin, Steam, and VimeWorld, is exfiltrated to a remote server, from where it's likely to be monetized on darknet platforms or Telegram channels that are dedicated to selling access to online gaming accounts.
Infection chains involving BloodyStealer are also noteworthy for the fact that threat actors who had purchased a license to the product used the stealer in conjunction with other malware campaigns.
Kaspersky did not reveal the attack vectors used to stage the incursions, but it's typical of adversaries to target users looking to download games from fraudulent sites or through email and chat messages containing links to external rogue sites that trick gamers into entering their account information.
"BloodyStealer is a prime example of an advanced tool used by cybercriminals to penetrate the gaming market," the researchers said.
"With its interesting capabilities, such as extraction of browser passwords, cookies, and environment information as well as grabbing information related to online gaming platforms, BloodyStealer provides value in terms of data that can be stolen from gamers and later sold on the darknet."