Wednesday, June 24, 2026

Malware Hides Behind Steam Workshop

One of the best arguments for buying games through Steam is the Steam Workshop. This community hub lets users seamlessly download and install mods for their favorite games. No searching for the right files and the folders they go in; Steam Workshop does all the hard work.

However, since all the content is user-created, sometimes malicious coders upload virus-laden items, and victims are often none the wiser.

Earlier this week, Kaspersky blew the whistle on a new virus that hijacks Steam user accounts. This news came several months after the FBI warned about seven Steam games hiding malware.

According to Kaspersky, hackers are exploiting the sharing features of Steam Workshop's Wallpaper Engine. Unlike your average computer wallpaper, the Wallpaper Engine specializes in animated wallpapers (think the animated backgrounds you can get on your Xbox Series X/S and PlayStation 5), so there's more space for hackers to hide malicious code.

Kaspersky's analysis indicates that while only "dozens" of these malware-laden wallpapers exist, they are extremely popular — each has been downloaded thousands or tens of thousands of times. While anyone who installs the wallpapers will get infected, currently the people who built them are mostly targeting Chinese players.

How so? The art styles and titles are "tailored specifically to them." 89 percent of all victims hail from China, followed by Russia at 5.5 percent.

As previously stated, the virus is designed to attract people with certain sensibilities. The wallpapers lure victims in with images of women that can be best described as waifu material. And then when downloaded, the virus springs into action.

According to Kaspersky's analysis, once the wallpaper is launched, it installs a backdoor and an executable file that acts as a "game" while also digging for Steam account credentials. Once the executable has what it needs, it sends the data to a server that the hacker owns. From there, they have full control over your account; they can change your password, steal your credit card information, and upload more infested wallpapers under your name. Oh, and they can also hide all of your files behind ransomware and install crypto miner software if they want.

Kaspersky claims the malware is spread in two ways. The first is the most straightforward: Hackers draw from an archive of wallpapers compromised with malicious EXE files, DLLs, and scripts.

However, Kaspersky says some versions of the malware spread by turning victims into unwitting gofers. Basically, the target is tricked into accessing a protected archive containing the malware by entering its password. Sometimes, though, the hacker installs a script that enters the password for them; not all of us are technologically literate enough to shoot ourselves in the foot.
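The two delivery paths above name concrete file types: EXE files, DLLs, scripts, and password-protected archives. As an added example (not from the article or from Kaspersky), this Python script walks an already-downloaded workshop folder and flags those types; the folder path is supplied by the user, and the script-extension list is an assumed heuristic, not a set of published indicators.

```python
import os
import zipfile

# Assumed heuristic list of script extensions (not Kaspersky's indicators).
SCRIPT_EXTS = {".bat", ".cmd", ".ps1", ".vbs", ".hta", ".wsf"}

def is_pe(path):
    """True if the file starts with the 'MZ' magic of a Windows EXE or DLL."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"

def encrypted_members(path):
    """Names of ZIP members whose 'encrypted' flag (general-purpose bit 0) is set."""
    with zipfile.ZipFile(path) as zf:
        return [info.filename for info in zf.infolist() if info.flag_bits & 0x1]

def triage(root):
    """Walk a workshop content folder; return (relative path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            ext = os.path.splitext(name)[1].lower()
            try:
                # Check content first: a renamed EXE still starts with 'MZ'.
                if is_pe(full):
                    findings.append((rel, "PE executable or DLL"))
                elif ext in SCRIPT_EXTS:
                    findings.append((rel, "script file"))
                elif zipfile.is_zipfile(full) and encrypted_members(full):
                    findings.append((rel, "password-protected archive"))
            except (OSError, zipfile.BadZipFile) as exc:
                findings.append((rel, f"unreadable: {exc}"))
    return findings

if __name__ == "__main__":
    import sys
    # Usage: python triage.py <path to downloaded workshop items>
    for rel, reason in triage(sys.argv[1]):
        print(f"{reason}: {rel}")
```

A finding is a reason to inspect or remove the item, not a verdict that it is malicious.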

Obviously, the best way to avoid this malware is to steer clear of Steam Workshop's Wallpaper Engine for the time being. If you really need a special wallpaper, use obscure Windows apps such as WinDynamicDesktop or download Van Gogh-inspired wallpapers for your Mac. However, let's assume that you downloaded these wallpapers before reading this article. You're not doomed just yet.
