A new malware emerged onto the Twitch that lures the users into attractive offers and then steals the credits in the Steam account wallet. The malware, however, works in the same old fashioned way and asks the user to enter login details onto a phishing website.
Twitch is a streaming service and allows the gamers around the world to live cast their gameplay on the Internet. Twitch recently got a lot of fame as Amazon, the retail giant, took over it by winning a $970 million bid onto it.
It is not uncommon for the Twitch users to see a bot in a chat room, however, live streamers use them to earn cash by viewer subscriptions, push donations, magnetize supporters or even declare the promotions.
Once an individual falls for it, the malware can easily clean out the Steam inventories, a place to store the rare digital collectibles, and Steam Wallets. Steam Wallets are source for funds in the real world and can be used to purchase the game titles.
When F-Secure, the Helsinki-based security firm, was made aware of it, they said, “This malware, which we call Eskimo, can wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market. Earlier variants were selling items with a 12% discount, but a recent sample showed that they changed it to 35% discount. Certainly, in order to sell the items faster.”
It has been named as Eskimo, and F-Secure says that it also asks the users to track an URL and fill a form, which it says that it will make them eligible for a raffle and open an opportunity to have new weapons in the game of Counter Strike: Global Offensive.
F-Secure also said, “It might be helpful for the users if Steam were to add another security check for those trading several items to a newly added friend and for selling items in the market with a low price based on a certain threshold. This will help in lessening the damages done by this kind of threat.”