Unknown hackers have turned Steam accounts into malware carriers. The attackers hid the pest downloaders in their account profile pictures. Vulnerability discovered a Twitter user with the nickname Miltinhoc.
The vulnerability was named SteamHide. As noted by G Data analysts, the gaming service has effectively become a platform for hosting malicious files. Such methods of distributing malware have been known before, but no one has ever used gaming services like Steam for this.
To spread viruses, the attackers used Internet memes, in particular, “Harold hiding the pain.” At the same time, in order to be infected with malicious software, it is not even necessary to have an account or install Steam – you just need to upload an avatar on your PC.
Upon activation, the hidden program disables all security features and then copies itself to the LOCALAPPDATA folder. After saving, it is fixed in the system registry. The researchers clarified that malware hides in itself tools that are not activated immediately, but may become dangerous in the future. How many computers are affected and how the vulnerability can be eliminated is not specified. Valve declined to comment on the situation.
If you notice an error, select it with the mouse and press CTRL + ENTER.