A newly discovered way of distributing malware uses profile pictures on the popular “Steam” game platform. The malicious code is hidden in the image files and is decrypted and loaded by another malicious program.
The fact that malware can be hidden in image files is nothing new - but at least G DATA malware analyst Karsten Hahn has not yet seen that a public game platform such as Steam is effectively misused as a download server. Although this type of malware distribution has not yet been actively used, it is clear that criminals are currently actively working on the method and refining it.
Test run also for other platforms?
“Steam is a popular gaming platform with a huge number of accounts. The manipulated profile pictures can already be found on Steam, but the downloaders are still in a test phase, ”says Karsten Hahn, malware analyst at G DATA CyberDefense. “It is only a matter of time before the malware is actively used. It is difficult for Steam to find such manipulated images. "
A user does not even have to have Steam or any other game platform installed or have an account there. As soon as the appropriate downloader, which can be hidden in an email attachment, is started, it downloads the image file and extracts the malicious code hidden in it.
This method has several advantages for criminals, as it enables them to deploy their malicious code quickly and effectively. It doesn't make a big difference to users - they can continue to protect themselves against malware by, for example, being careful and skeptical when handling file attachments.
More at GDatasoftware.com
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.