For the second time in two months, a hacker has used Steam to distribute malware to unsuspecting gamers, this time through a demo of a game called Sniper: Phantom’s Resolution.
The game was marketed as an exciting first-person shooter, expected to launch in the second quarter of the year. However, earlier this week, a Reddit user raised alarms, warning that the game’s demo might be a computer virus.
How the Hacker Evaded Detection
In order to avoid detection, the hacker didn’t distribute the malicious demo directly on Steam. Instead, they placed a link on the game’s Steam page that led to the developer’s external website, sierrasixstudios.dev. This site contained another link that directed users to download the demo from a file-sharing platform.
To trick gamers into downloading the demo, the hacker sent random direct messages to users on Discord, as reported by Reddit user FERAL_WASP. Further analysis of the demo reveals it has the ability to intercept network traffic and steal cookies from an internet browser, allowing it to break into online accounts.
Steam’s parent company, Valve, has not yet commented on the incident. However, the Sniper: Phantom’s Resolution Steam page has since been removed.
This attack follows another recent case in which a game called PirateFi was released on Steam and distributed malware to users. The exact method by which PirateFi bypassed Steam’s security is still unclear, but the hacker promoted it by using a Telegram bot to recruit users for a paid moderator position within the game. It was later revealed that PirateFi was a fake game, used to spread malware.
Potentially Legitimate Game Targeted by Hackers
Though Sniper: Phantom’s Resolution may be a real game in development by Sierra Six Studios, the situation highlights how easy it can be for malicious actors to exploit even legitimate game pages. A representative of Sierra Six Studios, named Andrew, explained that the team had fallen victim to a scam. Someone purchased a domain in their name and set up a fraudulent game repository containing malware.
Andrew clarified in a Reddit post: “We named our developer account sierrasixstudios.dev because we planned to create a website if the game gained attention. Unfortunately, someone scraped the name, registered the domain, and used it for malicious purposes.” The Steam page for the game was real, but the link to the unregistered domain left it vulnerable to exploitation. Andrew admitted the oversight and mentioned that changing the developer name might have prevented this incident.
Author’s Opinion
While it’s unfortunate that this situation occurred again, Steam’s repeated failure to catch such incidents demonstrates the platform’s need for stronger security measures. It should be a priority for Steam to implement more robust safeguards against malicious actors who use its platform to distribute malware, especially in the gaming community where trust is crucial.
Featured image credit: Global Panorama via Flickr
Follow us for more breaking news on DMR