Steam users have been told to be careful about attacks by cybercriminals who have infected video game demo with malicious code. This harmful download is featured like a cool new game.
According to reports, Steam game platform has become victim of fraudsters who created many fake pages on their website in an attempt to fool unsuspecting gamers into downloading and installing malicious malware on their machines.
The modus operandi: These tricksters often take a demo from a genuine new game (like Octopus City Blues, in recent time) and then replicate its page at the “Greenlight” section of Steam’s website. These bogus accounts are very convincing as they have all things like a trailer, screenshots and full descriptions of what players can enjoy after they downloaded a game. And when you decide to try out the seven-level demo of Octopus City Blues and click on the download link, you would be taken to a website that is spreading a malware.
The Octopus City Blues team has taken notice of the activities by scammers and here is their message to all fans on their Twitter page:
Wow. Someone copied our Steam page to spread malware. Their virus demo contains 7 levels! Gotta step our game up http://t.co/LOJ19e5zFF
— Octopus City Blues (@octocityblues) April 5, 2015
Octopus City Blues designer Firas Assaad warned the tricksters with a DMCA notice as “companies take them much more seriously.”
Steam also took action and deleted the offending webpages. A page related to an illicit copy of RPG called Garlock Online was also taken down.
We can predict that Steam’s popularity will be followed by more attacks like this and it is very important to make the users feel that they are safe when using Steam apps and website. As such, the company must proactively come up with checks against online criminals. It could start by asking developers who post demos of their new games to go through a more thorough authentication process so that only genuine ones would be able to upload their products.
It is also important for the company to regularly and immediately address abuse reports from members. This is lacking for now as it takes days before complaints are addressed. By the time such pages are taken down many innocent users’ computers are already infected with malware.
With popular online gaming communities becoming soft targets of criminals, scammers and fraudsters, we feel that an effective security mechanism should be developed.
On users part, the best we can do is install latest patches or anti-virus software on our computers and be extra careful when deciding to download files from the internet. Is it really a fun game or just another hacker’s trap?