New BloodyStealer Trojan targets Steam, GOG and Epic accounts
A new Trojan called BloodyStealer attacks gamers' accounts on EA Origin, Steam, Epic Games, GOG and other gaming services. The malware can intercept session data and passwords, as well as information such as bank card data, device data, screenshots, and uTorrent files.
BloodyStealer is relatively inexpensive - $10 per month or about $40 for a lifetime license. The primary target of the attack appears to be logs or databases containing information used to access accounts. These can then be offered to customers via Telegram or a malware dashboard.
For example, in one example, researchers showed a screenshot of a vendor with 65,600 logs broken down by region that can be purchased for $150. They can also be sold individually - accounts with lots of games, add-ons and expensive items are especially valuable.
Trojan has caught the attention of researchers because of its clever design, which uses debugging protections that make it difficult to reverse-engineer. The information is sent as a ZIP archive to a command-and-control (C&C) server protected against DDoS and other types of web attacks.
Researchers recommend protecting your account with a strong password and, preferably, two-factor authentication. The editorial staff at gg echoes the recommendations.
Illustration: Clint Patterson on Unsplash
