Steam might be the latest platform to find itself an unwitting host to malware, according to a new report from G Data (via Rock Paper Shotgun). Hackers are hiding malware in Steam profile images, which a separate downloader can then fetch to a user’s computer.
The malware isn’t the image itself; it is hidden inside the image’s metadata. For the malware to activate, the user would have to download a separate piece of malware that retrieves the payload from the Steam profile. The key here is that Steam is just being used as a repository, since it’s widely distributed and is often automatically cleared by anti-virus software as a safe source.
“While hiding malware in an image file’s metadata is not a new phenomenon, using a gaming platform such as Steam is previously unheard of,” noted G Data, adding that the profile image “is neither infectious nor executable.” For the malware to activate, the user must already have been infected by a separate downloader, either by clicking on an email link or by visiting a compromised website. The downloader then accesses Steam to grab the malware from a stored profile image.
The infected user needs neither to access Steam nor to have it installed for this scheme to work, so Steam users don’t need to be worried about an increased risk of infection. “The malware is inactive unless it is unpacked and decrypted by a separate malware downloader that accesses the image file,” wrote G Data. “The downloader may be hidden in email attachments or on a manipulated website. Those do not necessarily have any association with Steam or gaming in general.”
G Data also noted that the malware practice doesn’t appear to be in widespread use and may still be “under development.”
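For defenders, data that must be "unpacked and decrypted" tends to stand out as a large, near-random blob inside image metadata. The following is an added example, not code from G Data or the article: it assumes the image is a PNG and that the data sits in an ancillary metadata chunk (the article does not say which format or field is used), and the size and entropy thresholds and the sample images are constructed for illustration.

```python
import hashlib, math, struct, zlib
from collections import Counter

PNG_SIG = b"\x89PNG\r\n\x1a\n"
META = {b"tEXt", b"zTXt", b"iTXt", b"iCCP", b"eXIf"}  # ancillary metadata chunks

def entropy(data):
    """Shannon entropy in bits per byte; encrypted data sits close to 8."""
    return -sum(c / len(data) * math.log2(c / len(data)) for c in Counter(data).values())

def chunks(png):
    """Yield (type, data) per PNG chunk: 4-byte length, 4-byte type, data, CRC."""
    if not png.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 12 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        yield ctype, png[pos + 8:pos + 8 + length]
        pos += 12 + length

def body(ctype, data):
    """zTXt/iCCP hold name, NUL, method byte, zlib stream: inflate before measuring."""
    if ctype not in (b"zTXt", b"iCCP"):
        return data
    stream = data.partition(b"\x00")[2][1:]
    try:
        return zlib.decompress(stream)
    except zlib.error:
        return stream  # malformed stream: measure the stored bytes instead

def suspicious_metadata(png, min_size=1024, min_entropy=7.2):
    """Return (chunk, size, entropy) for large, near-random metadata (assumed thresholds)."""
    hits = []
    for ctype, data in chunks(png):
        raw = body(ctype, data) if ctype in META else b""
        if len(raw) >= min_size and entropy(raw) >= min_entropy:
            hits.append((ctype.decode(), len(raw), round(entropy(raw), 2)))
    return hits

def make_png(icc_body):
    """Constructed sample: IHDR, one iCCP chunk, IEND (no pixel data)."""
    def chunk(t, d):
        return struct.pack(">I", len(d)) + t + d + struct.pack(">I", zlib.crc32(t + d))
    icc = b"profile\x00\x00" + zlib.compress(icc_body)
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"iCCP", icc) + chunk(b"IEND", b"")

BENIGN = make_png(b"sRGB colour profile table " * 100)  # structured, low entropy
OPAQUE = make_png(b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128)))
```

`suspicious_metadata(BENIGN)` returns an empty list, while `suspicious_metadata(OPAQUE)` reports the 4096-byte iCCP body. `zlib.decompress` is unbounded here, so cap the inflated size when scanning untrusted images in bulk.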
As usual, to avoid getting infected with malware, stay away from questionable websites, don’t click on suspicious email links, and especially don’t install cheat software.