Malware infection occurs even if the user does not have a Steam account.
Unknown attackers use accounts on the Steam gaming platform to distribute malware. The hackers have embedded malware downloaders into the images in their account profiles. The vulnerability, dubbed SteamHide, was discovered by a Twitter user using the pseudonym Miltinhoc.
Hiding malware in the metadata of an image file is not a new technique. According to experts at G Data, however, this is the first time a gaming platform such as Steam has been used for the purpose.
Attackers hide their malware in harmless images that are commonly posted on the Internet, including memes. It is noteworthy that malware infection occurs even if the user does not have an account or an installed Steam program. For the malware to be installed, the avatar only needs to be downloaded to the PC.
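A defender can triage downloaded images for this kind of hiding by measuring how much data sits in metadata segments and how random it looks. The sketch below is an added example, not code from G Data or from the malware. It assumes JPEG input, and the article does not say which metadata field is used, so it checks every APPn and COM segment. The function names and the size and entropy thresholds are assumptions, and the sample bytes are constructed.

```python
import hashlib, math, struct
from collections import Counter

META_MARKERS = set(range(0xE0, 0xF0)) | {0xFE}   # APP0..APP15 and COM

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 looks like random data)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def metadata_segments(jpeg: bytes):
    """Yield (marker, payload) for each metadata segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"bad marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker == 0xDA:      # SOS: compressed image data follows
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError(f"truncated segment at offset {pos}")
        if marker in META_MARKERS:
            yield marker, jpeg[pos + 4:pos + 2 + length]
        pos += 2 + length

def suspicious_metadata(jpeg, min_size=4096, min_entropy=7.2):
    """Return markers whose combined payload is large and near-random."""
    by_marker = {}
    for marker, payload in metadata_segments(jpeg):
        by_marker[marker] = by_marker.get(marker, b"") + payload
    return sorted(m for m, d in by_marker.items()
                  if len(d) >= min_size and entropy(d) >= min_entropy)

def _seg(marker, payload):
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: headers only, no real image data and no real payload.
_blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))  # 8 KiB
_jfif = _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
CLEAN = b"\xff\xd8" + _jfif + _seg(0xFE, b"made with example editor") + b"\xff\xda"
STUFFED = b"\xff\xd8" + _jfif + _seg(0xE2, _blob) + b"\xff\xda"
```

A hit is a reason to inspect the file, not proof of malware: large embedded thumbnails or compressed profiles can also score high, so tune the thresholds against known-good images.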
Once launched, the malware disables all protections and checks for administrator rights, then copies itself to the LOCALAPPDATA folder and ensures its persistence by creating a key in the registry.
As the researchers clarified, the malware contains tools that are not activated immediately but may become dangerous in the future. These include checking the system for an installed copy of Microsoft Teams and sending and receiving commands via Twitter.