Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Games

Malware Distributed Through Twitch Chat Is Hijacking Steam Accounts 53

An anonymous reader writes If you use Twitch don't click on any suspicious links in the video streaming platform's chat feature. Twitch Support's official Twitter account issued a security warning telling users not to click the "csgoprize" link in chat. According to f-secure, the link leads to a Java program that asks for your name and email. If you provide the info it will install a file on your computer that's able to take out any money you have in your Steam wallet, as well as sell or trade items in your inventory. "This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry," says F-Secure. "It even dumps your items for a discount in the Steam Community Market. Previous variants were selling items with a 12 percent discount, but a recent sample showed that they changed it to 35 percent discount. Perhaps to be able to sell the items faster."
This discussion has been archived. No new comments can be posted.

Malware Distributed Through Twitch Chat Is Hijacking Steam Accounts

Comments Filter:
  • by Anonymous Coward

    Steam extended summer sale extrazaganza 35% off select games now!

  • by Taco Cowboy ( 5327 ) on Monday September 15, 2014 @04:25AM (#47906825) Journal

    If someone wants me to type in my account and then my password I won't

    I really won't

    Common sense tells me that no one has any right to demand me to type in my account name/number and then my password

    That is why I do not understand why there _are_ people who are simply void of any common sense

    Ain't there enough stories of scams already? Why can't those people learn _anything_ from the mistakes of others?

    • by TheRealQuestor ( 1750940 ) on Monday September 15, 2014 @04:29AM (#47906831)

      If someone wants me to type in my account and then my password I won't

      I really won't

      Common sense tells me that no one has any right to demand me to type in my account name/number and then my password

      That is why I do not understand why there _are_ people who are simply void of any common sense

      Ain't there enough stories of scams already? Why can't those people learn _anything_ from the mistakes of others?

      Except in this case it does not. It asks for your name and email. Nowhere does it say anything about a password.

      • Yes but isn't there enough history about the internet that says "Don't click links from people you don't trust?". Not that pretty much anyone hasn't broken that rule at one time or the other.
        • There is but it still seems that people do it and do it a LOT. I'm both sad and glad as it keeps me in a job :)
          • Ah yes, job security by other's idiocy. Makes you wonder what the world would be like if people followed instructions.
    • Re: (Score:3, Informative)

      by Nyder ( 754090 )

      If someone wants me to type in my account and then my password I won't

      I really won't

      Common sense tells me that no one has any right to demand me to type in my account name/number and then my password

      That is why I do not understand why there _are_ people who are simply void of any common sense

      Ain't there enough stories of scams already? Why can't those people learn _anything_ from the mistakes of others?

      No where do they say they are asking for the steam account info. Fake raffle wants a username/email & password to sign up, then it installs a program that access your steam stuff. most people on their home computer either have steam running all the time and are logged in, or auto log in.

      I do don't do twitch.tv and I don't bother signing up for online raffles or anything claiming i will win something, because that is stupid.

      But yes, giving your account info out is very dumb, but I don't think that i

      • by mwvdlee ( 775178 )

        Why would it be a raffle or some other semi-sleazy subject?

        Asking for a username and email is standard practice for pretty much any kind of website signup.

        If I were into gaming enough to watch somebody else play a specific game on Twitch and somebody posted a link to a legit-looking site claiming to provide me a valuable service for that specific game, I might well be fooled.

    • Comment removed based on user account deletion
    • I wouldn't say so much as "devoid of common sense", but rather "trained to ignore warnings"

      Microsoft is probably the biggest offender here. In trying to provide better security to the end user, they end up bombarding them with warnings, which mean nothing bad 99% of the time (e.g. IE ssl warnings, UAC warnings, etc). Users start to think nothing of these, so they just start to ignore them.

      Not to mention, there's 8 million ways to scam people on steam, most of which don't involve malware. And yes, when tradi

  • Morons. (Score:1, Insightful)

    by Anonymous Coward

    Several things annoyed me with this.

    1) gamers that don't run basic AV
    2) gamers that don't run sandboxing software over their browser (Sandboxie for example, shits TRIVIAL to use and is even foolproof!)
    3) people DOWNLOADING programs for competitions...
    4) actually wanting to play CS Go. The worst sin of them all.
    5) Twitch still hasn't word-banned people typing these messages and any variants. It's not like their servers would break, they already have filters in place.

    Let them suffer. These are the ki

    • by Anonymous Coward

      "Basic AV" is useless against any determined attacker. Yes, in a few weeks, maybe even in a few days if the AV is really "good", the AV would find the trojan horse that you installed, but the one you installed disabled all defenses and the one you'd get in a few weeks or days is different enough that your AV won't do anything then. People with common sense don't need AV and people without common sense are not helped by AV. I see the remnants of the infection vector all the time: Installers, usually of some

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      FREE SHIT! CLICK HERE! still works even on gamers.

      and the bar for 'gamer' is really really low these days anyway.

    • by Anonymous Coward

      1) Not sure what being a gamer has to do with ones computer literacy in this day and age. It's not 1995 anymore. It doesn't take a CS degree to get an online game working.
      2) Who the fuck runs sandboxing software on their browser? Essentially no one.
      3) It gives the appearance of being a Java browser app. Unfortunately, people are used to sites running annoying unnecessary Java apps to do that do things that don't need a Java app to implement because of lazy/bad developers. Since this app gives the appearance

    • by Sigma 7 ( 266129 )

      1) gamers that don't run basic AV

      Basic AV = not automatically executing stuff.

      If you mean something like real-time protection from common AV packages, then those are technically reactive to threats and don't detect new things within the past ~24 hours or so.

      2) gamers that don't run sandboxing software over their browser (Sandboxie for example, shits TRIVIAL to use and is even foolproof!)

      Browsers should be self-sandboxing, which has been the case since the start of HTML, until someone foolishly added JavaScr

    • by Anonymous Coward

      2) gamers that don't run sandboxing software over their browser (Sandboxie for example, shits TRIVIAL to use and is even foolproof!)

      That is not how Sandboxie works by default. By default, Sandboxie prevents changes to files on the system itself, but allows sandboxed items to read everything. So things running inside the sandbox, including this malware, would be able to do everything the summary describes unhindered. And if you have the sandbox set to delete all its contents on a program closure (like your browser), you would not even know, or even have a trace, of what happened.

  • by GuB-42 ( 2483988 ) on Monday September 15, 2014 @05:39AM (#47906977)

    How to trust a chat where strange black-and-white faces appear randomly ?
    And it it wasn't enough, there is even a special emote for FRAUD!, an obvious sign.

  • Time to watch out on Steam for discounts, I guess ...

    Thanks for the info!

  • Not that I don't just assume its Windows, as usual, but, it would have been nice to specify that this is only happening to people unfortunate enough to be running Windows. If it was happening to Mac users also, I would bet they'd mention that.
    Of course, I'm pretty sure I'm safe on my linux platform.

  • don't ever click on suspicious links ever!

  • Anyone know how this is being done? You can't send Steam Wallet funds from one account to the other.
    • One party probably lists an item on the market for the amount that they want to transfer, then the victim's hijacked account buys that item.
  • Steam Community Market, Steam Wallet?
    I've been using Steam for a while, but I don't know how to look at either of these things. I guess I'll have to poke around when I get home.

    I just buy and play games. As far as I'm concerned it's a game launcher.

    I remember a lawsuit a while back about being able to resell games, but didn't realize there was a "marketplace" to do that within steam. I knew there were coupons or promo codes, but didn't realize there was a wallet.

    So I learned something new about a pi

One person's error is another person's data.

Working...