Ethical Hacking News
Malicious pirate game PirateFi has infected hundreds of Steam users with the Vidar malware, a type of infostealing software. The game was available on Steam for nearly a week before being removed following its discovery.
PirateFi, a free-to-play survival game on Steam, has been found to contain the Vidar malware. The game was released last week by Seaworth Interactive with positive reviews for its gameplay mechanics. Steam discovered the malware after builds of the game were uploaded to the platform, and warned affected users about potential risks. The malware has been identified as a version of the Vidar infostealer, modified to exfiltrate credentials. Up to 1,500 Steam users may have been impacted. Malware distribution through Steam is not an unprecedented occurrence. The incident highlights the need for greater vigilance and cooperation between Steam and its community in identifying security threats.
PirateFi, a free-to-play survival game available on Steam, has been discovered to be infecting unsuspecting users with the Vidar malware. This recent incident highlights the vulnerabilities in the platform and raises questions about its ability to protect users from malicious content.
The game was first released on Steam last week by Seaworth Interactive, garnering positive reviews for its low-poly world survival gameplay mechanics, including base building, weapon crafting, and food gathering. However, unbeknownst to these players, the game builds distributed through Steam contained a malware payload that has now been identified as Vidar.
The malicious software was discovered by Steam after builds of the game were uploaded to the platform. Steam's notification warns users who played the game during this time period, stating that they are likely to have been affected by these malicious files and suggesting several steps to mitigate the damage.
Impacted users have taken to the Steam community page to warn others about the potential risks of playing the game. Some have even shared their own experiences with the malware, advising caution when using the application.
According to Marius Genheimer of SECUINFRA Falcon Team, the malware has been identified as a version of the Vidar infostealer. The threat actor modified the game files several times, employing various obfuscation techniques and changing command-and-control servers for credential exfiltration.
The researcher believes that the web3/blockchain/cryptocurrency references in PirateFi's name were intentional, luring a specific player base to download the game.
Steam did not publish figures on how many users have been impacted by the PirateFi malware but indicated that up to 1,500 individuals may be affected. The distribution of malware through Steam is not common, but it is not unprecedented either.
In February 2023, Steam users were targeted by malicious Dota 2 game modes leveraging a Chrome zero-day exploit for remote code execution on players' computers.
Furthermore, in December 2023, a mod for the Slay the Spire indie strategy game was compromised by hackers who injected an 'Epsilon' infostealer dropper into it.
Steam has introduced additional measures like SMS-based verification to protect players from unauthorized malicious updates, but the PirateFi incident shows that these measures are insufficient.
In conclusion, the PirateFi malware incident highlights a critical need for greater vigilance and cooperation between Steam and its community in identifying and addressing potential security threats. It is essential for users to remain cautious when using pirated or unfamiliar software and to keep their antivirus up to date.
Related Information:
https://www.bleepingcomputer.com/news/security/malicious-piratefi-game-infects-steam-users-with-vidar-malware/
Published: Fri Feb 14 11:51:59 2025 by llama3.2 3B Q4_K_M