Steam Summer Sale under attack from new malware threat: whatever you do, don’t click this

When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. Our Privacy Notice explains more about how we use your data, and your rights. You can unsubscribe at any time.

Steam fans are gearing up for the service’s biggest event of the year – the Steam Summer sale. As is usually the case, Valve hasn’t confirmed the Steam Summer Sale 2021 start date yet – but it’s widely believed to take place on June 24, 2021. And in the run-up to the Steam Summer Sale launch a new security threat has been revealed.

As reported by Threatpost, an attack that’s “previously unheard of” has been discovered on Steam. The SteamHide campaign manages to spread malware that is disguised as Steam profile images.

The malware is hidden in the metadata of Steam profile images, with attackers using commonly shared images like memes to raise the chances of the nefarious code getting spread further.

The threat was first highlighted by Twitter user @miltinh0c in May, who last month tweeted: “Just found malware being hosted on a Steam profile inside an image! That’s the first time I see something like that”.

Phone security: How hackers can obtain private information

Researchers at G Data have since taken a deep dive into the malware threat, saying that SteamHide could be being developed as part of a wide-scale campaign.

In a post online Karsten Hahn, a malware analyst at the firm, wrote: “While hiding malware in an image file’s metadata is not a new phenomenon, using a gaming platform such as Steam is previously unheard of. From attacker’s point of view, this approach makes sense: Replacing the malware is as easy as just replacing a profile image file. There is also a huge number of legitimate accounts – and blocklisting the Steam platform outright would have many undesired side effects.

“It should be noted that in order to become a target for this method, no installation of Steam – or any other game platform – is required. The Steam platform merely serves as a vehicle which hosts the malicious file.

“The heavy lifting in the shape of downloading, unpacking and executing the malicious payload is handled by an external component which just accesses the profile image on one Steam profile. This payload can be distributed by the usual means, from crafted emails to compromised websites.”

Steam profiles can be viewed on any web browser, which opens this latest malware threat up to a wide range of people that don’t even use the popular PC gaming service.

The Steam malware threat comes in the run-up to the Steam Summer Sale 2021, which is believed to be taking place between June 24 and July 8.

But before that there will be the Steam Next Fest which starts in just a few days time on June 16, and ends on June 22. Anyone planning on using the service during this busy period and beyond should be onguard to any suspicious looking profiles they stumble upon that’s sharing images.

Source: Read Full Article