Categories: SecurityWorkspace

Malware Campaign Targets Twitch

Security experts have warned of a malware campaign targeting users of Twitch, the video-gameplay streaming site recently acquired by Amazon for nearly $1 billion (£597m).

The social-networking site, which allows users to stream videos of themselves playing video games, is available on consoles including the PlayStation 4 and the Xbox One, and has more than 55 million unique monthly viewers.

Chat targeted

The malware appears via the site’s chat feature, where an automated account “bombards channels”, inviting viewers to join a weekly raffle to win gaming-related items, according to Finnish security firm F-Secure.

A link leads to a Java programme that asks for the participant’s name, email address and permission to publish the winner’s name, but this data is not stored, the company said.

After a user has filled out the form, the programme installs and runs a Windows binary file that accesses the user’s Steam account – Steam being a gaming platform that offers social-networking features, with 75 million active users. The malware is able to take screenshots, add new friends, buy items and sell items at a discount, among other features, F-Secure said.

“This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry,” F-Secure said in an advisory. “It even dumps your items for a discount in the Steam Community Market. Previous variants were selling items with a 12 percent discount, but a recent sample showed that they changed it to 35 percent discount.”

Acquiring Steam items

The sales are intended to allow the attacker to gather enough Steam funds to buy items that are then traded to another account, possibly maintained by the attacker, according to F-Secure. This activity occurs on the user’s local system, bypassing Steam’s security measures.

The company said it has seen multiple reports of such trades on Steam’s forums.

Twitch said in a statement that it has now blocked the malware link in question, and said it advises users to avoid clicking on links from people they don’t know, “just like they wouldn’t do on any other social media sites”. Twitch said it allows broadcasters to block links from appearing in chats.

The company said this was the “first instance” it had seen of such an attack.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

5 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

8 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

9 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

10 hours ago