DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 17, 2020 
Main Menu
News archives

Who's Online
There are currently 184 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Malware drains Steam wallet and user inventory

Posted on Monday, September 15 2014 @ 14:36:35 CEST by

F-Secure announced a new piece of malware is making the rounds that is designed to clear out your Steam wallet and steal your user inventory. The malware is spread via spam bots on live streaming platform Twitch, these chat bots bombard accounts with messages that invite users to enter a weekle raffle for a chance to win in-game items like a bayonet for Counter-Strike: Global Offensive.

Users gullible enough to click on the link are directed to a Java program which asks for the participant's name, e-mail and permission to publish the winner's name. In reality, it doesn't store these details anywhere but drops a Windows binary file and executes this.

The malware is able to wipe your Steam wallet, armory, and inventory dry. In fact, it even dumps your items for a discount in the Steam Community Market to sell them asap. All this is done from the victim's machine, because Steam's security checks prevent logging in or trading from a new machine.
After this message, the malware proceeds to dropping a Windows binary file and executing it to perform these commands:

  • Take screenshots
  • Add new friends in Steam
  • Accept pending friend requests in Steam
  • Initiate trading with new friends in Steam
  • Buy items, if user has money
  • Send a trade offer
  • Accept pending trade transactions
  • Sell items with a discount in the market

    This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market.

    Previous variants were selling items with a 12% discount, but a recent sample showed that they changed it to 35% discount. Perhaps to be able to sell the items faster.

    Being able to sell uninteresting items will allow the attacker to gather enough money to buy items that he deems interesting. The interesting items are then traded to an account possibly maintained by the attacker.
  • Full details over here.

    Malware steals Steam money



    DV Hardware - Privacy statement
    All logos and trademarks are property of their respective owner.
    The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba