Twitch Streamer's Cancer Treatment Fund Stolen by Malware-Ridden Steam Game
A devastating incident has unfolded on the popular gaming platform, Steam, as a Twitch streamer's cancer treatment fund was compromised by malware-ridden game "BlockBlasters". The game, which debuted on Steam in July, had been plagued with issues until an August 30 update that introduced the malicious code.
On September 30, Raivo "RastalandTV" Plavnieks, a Twitch streamer, revealed that over $32,000 worth of cryptocurrency had been stolen from his account after he installed "BlockBlasters". The cryptocurrency was donated to him by his fans to help pay for his cancer treatments.
The malicious update added crypto- and credential-stealing malware to the game, allowing hackers to compromise Steam accounts. BleepingComputer reports that over $150,000 had been stolen from 261 different Steam accounts, with one group estimating that the actual victim count was 478.
Security researchers, including ZachXBT and vx-underground, investigated the incident after RastalandTV's live hacking session prompted them to take action. They discovered that the malware allowed hackers to steal cryptocurrency and other sensitive information from infected accounts.
The investigation also revealed that "BlockBlasters" was marked as "Verified" on Steam, leading some to question how such malicious content could have gone undetected. However, experts emphasize that having a "Verified" label does not necessarily imply that Valve has assessed the game's contents. The incident highlights a critical flaw in Steam's vetting process.
"This is appalling levels of vetting," said researchers who investigated the incident. "How can you let such brazen malware exist on your platform?" The discovery has raised concerns about the security of Steam and its ability to protect users' sensitive information.
What Happened
Here's a breakdown of what happened:
- The game "BlockBlasters" debuted on Steam in July and was initially malware-free.
- An August 30 update introduced the malicious code, allowing hackers to steal cryptocurrency and other sensitive information from infected accounts.
- Raivo "RastalandTV" Plavnieks installed the game after being recommended it by someone in his stream chat.
- Over $32,000 worth of cryptocurrency was stolen from RastalandTV's account.
- The actual victim count is estimated to be around 478, according to vx-underground.
Security Experts Weigh In
Experts and security researchers have weighed in on the incident, highlighting the need for better vetting processes on Steam:
- "This is a wake-up call for all of us," said ZachXBT. "We need to take this seriously and make sure that such malicious content does not go unnoticed again."
- "The fact that 'BlockBlasters' was marked as 'Verified' on Steam raises serious questions about the platform's security measures," added vx-underground.
What's Next?
The incident has sparked a heated debate about the security of Steam and its ability to protect users' sensitive information. What's next for Steam and its users? Only time will tell, but one thing is certain: this incident will not be forgotten anytime soon.
Stay Up-to-Date with Tom's Hardware
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our up-to-date news, analysis, and reviews in your feeds. Click the Follow button to stay informed about the latest developments in the tech industry.