BloodyStealers trojan targeting gaming platforms
Kaspersky, the cybersecurity solutions provider, has recently discovered a new type of Trojan that affects online gamers and steals the gamer's data. Different attacks have been recorded in Europe, Asia-Pacific regions, and Latin America. An advanced Trojan can steal user's data from online gaming platforms.
Kaspersky's research highlights that gaming goods and products are nowadays in demand on the darknet.
The logins and password combinations required at different online gaming platforms like Epic Games, Steam, Origin, UbiSoft can individually be sold at that gamer's data for 1-30% of an account's overall value, and when the bulk amount of accounts is sold it cost for 14.2 USD per thousands. These stolen accounts that came into being are only due to different criminal campaigns that use BloodyStealers type of malware.
Table of Contents
BloodyStealers is a Trojan that can gather various data types, passwords, cookies information, forms, banking cards, screenshots, login information, and sessions’ information from multiple applications.
It has the features that it avoids detection and analysis. It also offers a low subscription price and is protected against reverse engineering.
It is sold on the undergrounds forum at a cost lower than 10 USD for 1-month availability and 40 USD for the whole life.
The analysis and research made by a Moscow-based firm proved that BloodyStealers is basically the foremost type of example of the threat that online gamers suffer from and is also the best example of the game-related products and data stolen and then sold on the darknet. The Trojan can scrape the cookies, passwords, and other bank accounts related information.
This malware having fascinating abilities like being able to extract cookies, browser passwords, accounts data, and environment information. Moreover, can get the information of online gaming platforms.
Dmirty Galov, Kaspersky researcher
The trojan-sealer derives the information from well-known gaming apps like GOG, Steam, Epic Games, and Vimeworld and then breaks on remote servers sold on platforms like darknet or Telegram channels for money-earning.
The malware uses complicated reverse engineering techniques. BloodyStealers is becoming an attractive tool for Cybercriminals for invading the gaming market. A prediction says that it will be a member of other malware families soon due to its reasonable pricing and efficient methods.
Image source – laptopmag.com
The gamers are mostly exposed to malware attacks when downloading any suspicious files or apps without any authentication. Most of these have features that cheat the gamers and force them to provide their information. The only safe side for a gamer from such malware is never to trust suspicious apps or files as they could contain such malware.
The actual attack vectors are not revealed, but it mainly targets the users trapped in downloading games from fraudulent sites or links, through emails, through chat messages that trick users into providing their accounts information for downloading the game. After giving performance information, all their information is stolen. It can also steal the desktop files, uTorrent clients, and memory logons from the gamer's device.
By involving the malware-as-a-service model, the Trojan BloodyStealers analysis is quite difficult due to the involvement of tools that make security enforcement hard. The stolen information of the gamer is sent to the remote server in the form of a ZIP file. The fraudsters who want to access the data can access it through Telegram platforms or the server's control panel.
C&C servers are also involved in sending data, which implements a protective layer against DDoS attacks and hides their IPs.
It's truly the responsibility of the gamers to protect their accounts while gaming. The Kaspersky experts recommend certain tips to the gamers for securing their information.
- Pay attention to sites that request for you to share your email and password.
- Not click on any suspicious link provided in chats.
- Do not download any illegal content and pirated software.
- From staying safe from Cyberthreats, use reliable security solutions.
- Enable two-factor authentication for a safer environment for gaming.
- Beware of phishing attacks.
- Do not download games from the first link that pops up.
- Download games from official and legitimate sites.
The analysis of the current malware in the Cyber world depicts the gamers' challenges in the coming days. With the growing advancements in the gaming world, cybercriminal activities in the gaming world will also increase day by day.
In the coming days, the gaming world will be more exposed to vulnerable attacks.
BloodyStealers is one of the most advanced tools with efficient techniques and reasonable rates. Due to its amazing capabilities, it can snatch password, cookies, and all accounts information through different online gaming platforms, after snatching sold the stolen data on the darknet. The accounts having valuable games, goods and currency are fruitful targets.
Steps should be taken to avoid stealing accounts through online gaming platforms like two-factor authentication, not using illegal content for downloading, and not using suspicious links. Online gaming should be done safely and securely to protect your personal information from being exposed to others and use authentic gaming platforms for gaming purposes.