Categories: SecurityWorkspace

Malware Campaign Targets Twitch

Security experts have warned of a malware campaign targeting users of Twitch, the video-gameplay streaming site recently acquired by Amazon for nearly $1 billion (£597m).

The social-networking site, which allows users to stream videos of themselves playing video games, is available on consoles including the PlayStation 4 and the Xbox One, and has more than 55 million unique monthly viewers.

twitch-tv-3

Chat targeted

The malware appears via the site’s chat feature, where an automated account “bombards channels”, inviting viewers to join a weekly raffle to win gaming-related items, according to Finnish security firm F-Secure.

A link leads to a Java programme that asks for the participant’s name, email address and permission to publish the winner’s name, but this data is not stored, the company said.

After a user has filled out the form, the programme installs and runs a Windows binary file that accesses the user’s Steam account – Steam being a gaming platform that offers social-networking features, with 75 million active users. The malware is able to take screenshots, add new friends, buy items and sell items at a discount, among other features, F-Secure said.

“This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry,” F-Secure said in an advisory. “It even dumps your items for a discount in the Steam Community Market. Previous variants were selling items with a 12 percent discount, but a recent sample showed that they changed it to 35 percent discount.”

Acquiring Steam items

The sales are intended to allow the attacker to gather enough Steam funds to buy items that are then traded to another account, possibly maintained by the attacker, according to F-Secure. This activity occurs on the user’s local system, bypassing Steam’s security measures.

The company said it has seen multiple reports of such trades on Steam’s forums.

Twitch said in a statement that it has now blocked the malware link in question, and said it advises users to avoid clicking on links from people they don’t know, “just like they wouldn’t do on any other social media sites”. Twitch said it allows broadcasters to block links from appearing in chats.

The company said this was the “first instance” it had seen of such an attack.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Hackers Target Australia’s Largest Pension Funds

Multiple pension funds in Australia have been hit in co-ordinated hacking attacks, and unfortunately customers…

5 hours ago

Pentagon Confirms Investigation Of Signal Use By Pete Hegseth

Inspector General at the Pentagon confirms investigation into the use of Signal app by US…

6 hours ago

Amazon Resumes Drone Deliveries In US

After a two month hiatus following crashes of a new drone model, Amazon has resumed…

8 hours ago

Amazon Joins Bidders To Acquire TikTok In US

But will Beijing or ByteDance allow sale? Amazon joins potential bidders for TikTok in US,…

1 day ago

Elon Musk Dismisses Reports Of Imminent Departure From DOGE

Elon Musk dismisses report that Trump told cabinet that he expects Musk to leave his…

1 day ago