A malware named as Eskimo which is advertised via chat forums on the video games streaming site Twitch. empties the affected gamers’ Steam accounts dry, F-secure has reported.
The Malware with one of its feature to act like a bot first invites viewers to participate in a weekly raffle for a chance to win things such as “Counter-Strike: Global Offensive” items, and other game products.
On following the given link, users are asked to provide the participant’s name, e-mail address and permission to publish winner’s name. Once installed, the malware which contains a java program then hijacks the victim’s account.
To add authenticity to the scam and look more real, victim is shown up with a popup window, which informs him/her, that they will be contacted by the email if they win.
The malware then drops and executes a windows binary file, after which it is able to perform several unauthorized commands including, taking screenshots, adding new friends in stem, confirming all pending friend requests, trading of items, buying or selling of items.
What could be a bigger nightmare for a gamer then waking up in morning after a hard day’s rest and seeing, all of what he earned has been spent and he does not even have a clue on what’s happening.
This malware is able to wipe your Steam wallet, armory, and inventory dry. and is able to sell your items in the community for upto 35% discount.
While the items are mostly sold to accepted new friends, most probably the interesting sold items is traded to attacker’s account which is accepted for approval as a friend by the malware itself.