Twitch is a popular platform that gamers use to stream and watch live game play with some popular video games. A security firm called F-Secure has announced that a new malware specifically targeting Steam users is making the rounds via Twitch Chat. The malware is tricking gamers into clicking links that lead to malicious content by claiming that gamers can win prizes in a raffle.
The raffle promises prizes like Counter-Strike: Global Offensive items. When that link is clicked, gamers typically see a Java program that asks for basic information, a congratulations message, and a malicious Windows binary file is installed that tries to steal Steam wallet credentials. The malware is being called “Eskimo” by F-Secure.
The malware can also perform other tasks such as take screenshots, add new Steam friends, accept pending friend requests, and trade items. “This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market,” the company warned in its blog post. “Previous variants were selling items with a 12% discount, but a recent sample showed that they changed it to 35% discount. Perhaps to be able to sell the items faster.”