Security News > 2023 > December > Game mod on Steam breached to push password-stealing malware
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system.
As developer Michael Mayhem told BleepingComputer, the compromised package is the prepackaged standalone modified version of the original game and not a mod installed via Steam Workshop.
"One of our devices was hit with malware that did not get flagged or blocked by the security we had running on it. As far as I currently know, it was not a password-stealing malware as 2FA did not trigger or stop this, and of the accounts compromised, all were under different e-mail addresses," Mayhem told BleepingComputer, saying that he's "Reluctant to state anything with absolute certainty" until he obtains a professional assessment.
Once installed on a compromised computer, the malware will collect cookies and saved passwords and credit cards from web browsers, as well as Steam and Discord info.
It is commonly used to target gamers on Discord by tricking them into installing the malware under the guise of testing a new game for bugs in exchange for payment.
After the game is installed, it also deploys the malware which runs in the background and steals the user's passwords, credit card details, and authentication cookies.