A new piece of phishing malware is spreading through Twitch’s user pool, tempting users to enter a fake sweepstake or lottery so that it can nick cash from their Steam Wallets.
For those who came in late, Twitch is a video game-centric website on which people show live streams of gameplay to others. Amazon bought the site, which has about 50 million users, paying $970 million in cash.
Dubbed Eskimo, the malevolent bot does not look out of place to regular visitors to the streaming site: live streamers, who earn cash via viewer subscriptions, frequently use bots in the chat area of their channels to push donations, inspire supporters and run promotions.
However, one of the bots has been cleaning out Steam inventories, which might hold rare digital collectibles, and Steam Wallets, which are funded with real-world money to purchase games on Valve’s admired distribution platform.
F-Secure said Eskimo can wipe your Steam wallet, armory, and inventory dry. It even dumps your items at a discount in the Steam Community Market. Earlier variants were selling items with a 12 percent discount, but a recent sample showed that they changed it to a 35 percent discount, to sell the items faster.
According to F-Secure, Eskimo asks users to follow a link and fill out a form for a raffle, which it claims gives them an opportunity to win digital weapons and collectibles for Counter-Strike: Global Offensive.
With access to a Steam account, F-Secure says, Eskimo can take screenshots, add new friends on Steam, accept friend requests, trade with new friends, buy items with Steam funds, send trade offers and accept trades. Once all of a user’s money has been used to purchase collectibles, the malware will trade all of the victim’s digital items to their new “friends.”
F-Secure says, “It might be helpful for the users if Steam were to add another security check for those trading several items to a newly added friend and for selling items in the market with a low price based on a certain threshold. This will help in lessening the damages done by this kind of threat.”
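The two checks F-Secure suggests above, sketched as an added example (not code from F-Secure, Valve or the original article). The event format, field names and thresholds are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Assumed thresholds (not from F-Secure or Valve); tune against real data.
NEW_FRIEND_WINDOW = timedelta(days=7)  # how long a friend counts as "newly added"
MAX_ITEMS_TO_NEW_FRIEND = 2            # "several items" means more than this
MAX_DISCOUNT = 0.10                    # below the 12% and 35% discounts reported

def review_events(events):
    """Return [(event_id, reason)] for actions that should get an extra check."""
    friend_since = {}  # (account, friend) -> time the friendship started
    holds = []
    for ev in sorted(events, key=lambda e: e["time"]):
        acct = ev["account"]
        if ev["type"] == "friend_added":
            friend_since[(acct, ev["friend"])] = ev["time"]
        elif ev["type"] == "trade_sent":
            added = friend_since.get((acct, ev["friend"]))
            # A friendship with no recorded start is treated as new (fail closed).
            is_new = added is None or ev["time"] - added < NEW_FRIEND_WINDOW
            if is_new and len(ev["items"]) > MAX_ITEMS_TO_NEW_FRIEND:
                holds.append((ev["id"], "bulk trade to newly added friend"))
        elif ev["type"] == "market_listing":
            # reference_price (e.g. recent median sale price) is assumed > 0.
            discount = 1 - ev["price"] / ev["reference_price"]
            if discount > MAX_DISCOUNT:
                holds.append((ev["id"], f"listing {discount:.0%} below reference"))
    return holds

# Constructed sample events; account names, items and prices are made up.
T0 = datetime(2024, 1, 1, 12, 0)
def _ev(id_, type_, minutes, **kw):
    when = T0 + timedelta(minutes=minutes)
    return {"id": id_, "type": type_, "account": "victim", "time": when, **kw}

SAMPLE_EVENTS = [
    _ev(1, "friend_added", -90 * 24 * 60, friend="old_pal"),
    _ev(2, "friend_added", 0, friend="new_contact"),
    _ev(3, "market_listing", 5, price=6.50, reference_price=10.00),
    _ev(4, "trade_sent", 10, friend="new_contact", items=["i1", "i2", "i3", "i4"]),
    _ev(5, "trade_sent", 15, friend="old_pal", items=["i5", "i6", "i7"]),
    _ev(6, "market_listing", 20, price=9.50, reference_price=10.00),
]

if __name__ == "__main__":
    for event_id, reason in review_events(SAMPLE_EVENTS):
        print(event_id, reason)
```

A held action would then be routed to whatever confirmation step the platform uses, such as an e-mail or mobile approval, rather than being blocked outright.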