Heimdal Security Blog

BloodyStealer Malware Wreaks Havoc on the Gaming Platforms

Malware attacks continue with one more hit, and this time the targets are gaming platforms. A new malware strain called BloodyStealer is now for sale on dark web forums. Cybercriminals use it to steal accounts for gaming platforms such as EA Origin, Epic Games Store, Steam, and more, and the stolen accounts are later sold on the black market.

BloodyStealer Malware: How It Works

Kaspersky security researchers discovered the malware dubbed BloodyStealer back in March. BloodyStealer performs a series of malicious activities, mainly to steal and collect a broad spectrum of sensitive data. According to BleepingComputer, this is how the malware works:

It is sold on underground forums at an attractive price – less than 10 USD for a 1-month subscription or 40 USD for a lifetime subscription. (…) While BloodyStealer is not made exclusively for stealing game-related information, the platforms it can target clearly point to the demand of this type of data among cybercriminals.

Source

In their report, the same researchers found that BloodyStealer has been targeting victims in Europe, Latin America, and the Asia-Pacific region. It demonstrates data-exfiltration and anti-analysis capabilities.

The experts who discovered this malware did not provide information on the attack vector. As a general rule, however, game cheats and malware-laced modding tools are what hackers use to attack gamers.

BloodyStealer is a prime example of an advanced tool used by cybercriminals to penetrate the gaming market. With its efficient anti-detection techniques and attractive pricing, it is sure to be seen in combination with other malware families soon. (…) Furthermore, with its interesting capabilities, such as extraction of browser passwords, cookies, and environment information as well as grabbing information related to online gaming platforms, BloodyStealer provides value in terms of data that can be stolen from gamers and later sold on the darknet.

Source