Cybercriminals are increasingly targeting gamers and their online accounts with new malware called BloodyStealer according to Kaspersky. In March this year, cybersecurity company experts discovered an advertisement from BloodyStealer that said the malware is capable of stealing passwords, cookies, bank card details, browser autofill data, device data, screenshots, desktop client and uTorrent files, logs and Bethesda. , Epic Games, GOG, Origin, Steam, Telegram and VimeWorld client sessions. Although BloodyStealer is relatively new, the malware has already been used to attack and infect users in Europe, Latin America, and the Asia-Pacific region. What has allowed this malware to spread so easily online is that its creators use a malware-as-a-service (MaaS) distribution model in which BloodyStealer can be purchased on the dark web for €10 a month or around €40 forever. license." In addition to being able to steal user data, BloodyStealer has a suite of tools designed to make it difficult for security researchers and law enforcement to analyze. The malware sends the stolen data as a ZIP file to its C&C server which is protected against DDoS and other web attacks. From there, cybercriminals can use your basic control panel or Telegram to gain access to data and online accounts stolen from victims.
Target players
Although BloodyStealer poses a serious threat to gamers, it is still just one of the many tools available on the dark web to steal their accounts. Cybercriminals sell other types of malware, and underground hacking forums often feature ads offering to post a malicious link to popular websites or sell tools to automatically generate phishing pages. However, one of the most popular products sold on the dark web are logs, which are databases with tons of data for logging into stolen user accounts. In these ads, cybercriminals specify the types of data, the geography of the users, the time period during which the logs were collected, and other details. Cybercriminals also sell access to specific gaming accounts both individually and in bulk. Accounts with lots of expensive games, add-ons, and virtual items are especially valuable, although they are often sold at a very low price. For example, in an advertisement seen by Kaspersky in its blog post on the topic, a cybercriminal was selling 208,000 online gaming accounts for just €4,000. Likewise, games often sell for a fraction of their value on the dark web, with copies of Need For Speed Heat or Madden NFL 21 costing less than €0.50. To avoid falling victim to BloodyStealer, other types of malware and cyberattacks targeting gamers, Kaspersky recommends that users enable two-factor authentication (2FA) for their online accounts, download only applications and software from official stores, be careful with links in emails and messages. . from unknown senders, verify the authenticity of websites before entering your credentials, and protect your devices with antivirus software.