Steam, a leading digital distribution platform for PC games, recently removed Sniper: Phantom’s Resolution after users discovered it contained malware designed to steal sensitive data.
The installer, disguised as a legitimate Windows process, executed evasive techniques, including launching and terminating Node.js scripts and creating startup persistence, all while masquerading as a game demo.
This isn’t an isolated case. Just a month prior, another game, PirateFi, was found distributing the Vidar infostealer—a sophisticated malware capable of compromising passwords, browser session cookies, cryptocurrency wallets, and more. Reports indicate that up to 1,500 users were affected.
The Sniper: Phantom’s Resolution incident highlights how cybercriminals leverage external repositories and privilege escalation tools, while PirateFi demonstrates the power of social engineering—using cryptocurrency themes to lure unsuspecting players.
Unfortunately, these cases are becoming increasingly common, eroding trust in digital storefronts that are expected to vet and protect their users.
One of the most alarming aspects is that these malicious games were hosted on Steam’s official platform—not obscure third-party sites. This suggests that attackers are finding loopholes in the platform’s s
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: