Security News

A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands. Many malware families call themselves Medusa, including a Mirai-based botnet with ransomware capabilities, a Medusa Android malware, and the widely known MedusaLocker ransomware operation.

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games," AhnLab Security Emergency response Center said in a report last week.

Hackers are launching new attacks to steal Steam credentials using a Browser-in-the-Browser phishing technique that is rising in popularity among threat actors. Today, Group-IB published a new report on the topic, illustrating how a new campaign using the 'Browser-in-the-Browser' method targets Steam users, going after accounts for professional gamers.

The Indonesian Ministry of Communication and Information Technology, Kominfo, is now blocking access to internet service and content providers who had not registered on the country's new licensing platform by July 27th, 2022, as the country begins to restrict access to online content providers and services. The first blocks began Friday, a day before the June 26th deadline, and according to internet access monitoring org NetBlocks, some of the service providers include Yahoo, Steam, and PayPal.

Gaming giant SEGA Europe recently discovered that its sensitive data was being stored in an unsecured Amazon Web Services S3 bucket during a cloud-security audit, and it's sharing the story to inspire other organizations to double-check their own systems. The laundry list of SEGA's potentially exposed data is nauseating - API keys, internal messaging systems, cloud systems, user data and more.

There's a new scam making the rounds on Discord, through which cybercriminals can harvest Steam account information and make off with any value it contains. Researchers flagged a new approach as noteworthy because it crosses over between Discord and the Steam gaming platform, with crooks offering a purported free subscription to Nitro, in exchange for "linking" the two accounts.

A new Steam phishing scam promoted via Discord messages promises a free Nitro subscription if a user links their Steam account, which the hackers then use to steal game items or promote other scams. The phishing scam is being conducted by many Discord accounts, either controlled by the threat actors or run as automated bots, that send other users links to what is supposedly a guide on how to receive Discord Nitro for free.

The latest TikTok attacks are getting served to gamers on the platform disguised as "free" or "hacked" versions of games like Among Us, free Steam accounts and more, according to a new report from Malwarebytes Labs. Considering games like Among Us are largely played by tweens and teenagers, the emerging TikTok landscape could be a potent tool for threat actors to launch offensives against kids, researchers pointed out.

There's a new cybersecurity threat to gamers: An advanced trojan, dubbed BloodyStealer, has emerged on underground forums and is being used to steal gamer accounts on various platforms, including Steam, Epic Games Store and EA Origin. Demand for stolen gamer data throughout the underground markets is increasing, experts at Kaspersky say, making compromising those accounts a priority for cybercriminals of all stripes.

A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users' accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA Origin, underscoring a growing threat to the lucrative gaming market. The information harvested from gaming apps, such as Bethesda, Epic Games, GOG, Origin, Steam, and VimeWorld, is exfiltrated to a remote server, from where it's likely to be monetized on darknet platforms or Telegram channels that are dedicated to selling access to online gaming accounts.