Hackers stole cryptocurrency from hundreds of users through a fake game on Steam

The BlockBlasters game, which turned out to be malicious and led to large-scale cryptocurrency theft, was removed from the Steam platform. The most famous victim was the Latvian streamer Raivo Plavnieks (RastalandTV), who was raising funds for cancer treatment. After downloading the game during a live broadcast, he lost more than $ 32,000 in donations.

BlockBlasters was available on Steam for almost two months and had a «very positive» rating. Only on August 30, a hidden component was added to the game — the so-called «cryptodrainer». During the installation, it collected Steam logins, IP addresses, and other data, and later stole access to crypto wallets. Crypto investor ZachXBT estimates that about $ 150,000 was stolen from more than 260 accounts, while the VXUnderground group reports 478 victims.

Plavnieks reported the loss on social media and launched a GoFundMe campaign. Later, crypto influencer Alex Becker transferred $ 32,500 to compensate him. Despite this, many other victims have not yet been able to recover their money.

The researchers found that the malicious build used Python backdoors, StealC-malware, and droplet scripts. They also found serious flaws in the attackers' operational security: tokens and Telegram bot code remained in the public domain. There are unconfirmed reports that the traces lead to an Argentine expatriate in the United States.

This is not an isolated case. Previously, Steam has already detected infected games, including Chemia, Sniper: Phantom’s Resolution, and PirateFi. Experts advise to immediately uninstall BlockBlasters, reset Steam passwords, and transfer cryptocurrencies to new wallets. Users should be careful with little-known or «beta» games that may contain malicious code.