Loading...

News Flash

A game on Steam Early Access hid three dangerous malware strains

A fake survival game turned into a digital nightmare. Here's how to protect yourself even on trusted platforms like Steam.

A game on Steam

Table of contents

  • When entertainment turns into a cyberattack
  • Three malware in one game: what was really in “Chemia”
  • A fake studio and a platform caught off guard
  • Behind the attack: an organized cybercriminal group
  • How to stay safe while gaming online

When entertainment turns into a cyberattack

In the world of digital gaming, trust is often taken for granted. Platforms like Steam, relied on by millions of users, are not immune to criminal manipulation. The discovery by Prodaft, a cyber threat intelligence company, shook the community: the game “Chemia”, available in Early Access, was in fact a bait to spread malware.

Three malware in one game: what was really in “Chemia”

Behind the facade of a post-apocalyptic survival game were hidden Fickle Stealer, Vidar Stealer, and HijackLoader. The first two are infostealers: they extract credentials, login data, financial info, crypto wallets, and passwords. HijackLoader is even more insidious—it acts as a backdoor, allowing further malware to infiltrate the victim’s system later on.

A fake studio and a platform caught off guard

The alleged developer, Aether Forge Studios, turned out to be non-existent: no website, no profiles, no trace. Meanwhile, Steam took two days to remove the game after the report, potentially exposing dozens—if not hundreds—of users to infection. The incident raises doubts about response times on platforms, especially for Early Access titles.

Behind the attack: an organized cybercriminal group

This operation has been linked to EncryptHub, a group known for sophisticated spear-phishing attacks. According to Prodaft, the malware in “Chemia” is part of a broader strategy launched in June 2024. The company has also released indicators of compromise (IOC) on GitHub for researchers and cybersecurity professionals.

How to stay safe while gaming online

Here are some essential tips:

  • Download only from verified developers
  • Always read the reviews
  • Use a strong, updated antivirus
  • Run suspicious games in virtual machines
  • Avoid titles that require excessive access or external downloads
To top