Steam Stealer malware that hijacks Valve store passwords sells on Dark Web for $15

Russian-developed malware targeting the PC gaming network Steam has been found to sell for less than £20 (€25.50) on the dark web. The malware gives hackers the ability to hijack login credentials, credit card data and purchased content with ease.

According to Steam roughly 77,000 user accounts are compromised every month by a highly effective network of cybercriminals who are in the business of pillaging sensitive data. "It's a losing battle to protect your items against someone who steals them for a living," the firm has warned users. "We can help users who've been hacked by restoring their accounts and items, but that doesn't deter the business of hacking accounts. It's only getting worse."

Security research conducted by Kaspersky Lab has uncovered one of the main culprits of such activity to be a form of malware aptly named 'Steam Stealer' that has been viewed in the wild over 1,200 times. Based on its analysis, the security experts said the criminal gangs are most prevalent in Eastern Europe.

The research, outlined by security researcher Santiago Pontiroli, found that Steam hacking services are now routinely offered as a malware-as-a-service (MaaS) in underground forums where developers build full packages of malware for users of any skill level. Indeed, most of this malware now comes bundled with an instruction manual.

The Steam Stealer malware, the research found, can be distributed by fake web pages or by fooling Steam users into opening an infected file via direct message. Once clicked, the software will inject the malicious payload to search configuration files for login credentials, which are then wired back to the spammer. Once the hacker has gained access to the targeted account, the details will usually be offloaded on the dark web for money. The research found the value for a cache of stolen credentials to be a mere $15.

"One of the reasons behind the growth of specific malware targeting gamers has been the simplicity behind its operation and the ubiquity of its offering," said Pontiroli. "The focus on selling stealers to anyone with money to spend means that a staggering number of script-kiddies and technically challenged individuals resort to this type of threat as their malware of choice to enter the cybercrime scene."

"Ludicrously low price"

Based on the fact that Steam Stealer malware sells for as little as $15, Kaspersky Lab researchers claimed it is little surprise this form of internet fraud is rapidly evolving into a widespread problem.

"With Steam Stealers, a ludicrously low price is usually asked of wannabe criminals for the use of the malware. For an extra cost, the full source code and a user manual is included in the package, making this scheme laughable and terrifying at the same time," Pontiroli explained.

"Of course, the aforementioned prices represent the low end of the 'industry' spectrum, but it would be hard to find any stealer being sold for more than $30."

Meanwhile according to Mark James, security specialist with ESET, internet gaming platforms are becoming an increasingly effective honeypot for malware and scams. "With so much money being invested into the gaming industry and more people spending millions on their games of choice, keeping those login credentials safe needs to be the gamers' number one priority," he said.

Steam currently boasts over 12 million concurrent users, which, as Kaspersky notes, is a large pool of potential victims for cybercriminals to exploit. For its part Valve, which runs the service, has recently started to ramp up its security measures and is now offering users increased authentication options.