Twitch.tv is a live streaming platform focused on video gaming, with more than 50 million viewers. It was recently acquired by Amazon.com for nearly a billion dollars.
We recently received a report from a concerned user about malware that is being advertised via Twitch.tv's chat feature. A Twitch.tv bot account bombards channels and invites viewers to participate in a weekly raffle for a chance to win Counter-Strike: Global Offensive items such as:
Those who have fallen victim to this fake giveaway will be shown this message:
However, based on analysis, the information provided by the victim is totally ignored. Instead, the malware drops a Windows binary file and executes it to perform these commands:
Take screenshots
Add new friends in Steam
Accept pending friend requests in Steam
Initiate trading with new friends in Steam
Buy items, if user has money
Send a trade offer
Accept pending trade transactions
Sell items with a discount in the market
This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market.
Previous variants sold items at a 12% discount, but a recent sample showed that this was changed to a 35% discount, perhaps so that the items sell faster.
Being able to sell uninteresting items will allow the attacker to gather enough money to buy items that he deems interesting. The interesting items are then traded to an account possibly maintained by the attacker.
Victims have reported on forums.steamrep.com that their items were being traded to this Steam account without receiving anything in return:
All this is done from the victim's machine, since Steam has security checks in place for logging in or trading from a new machine. It might help users if Steam added another security check for trading several items to a newly added friend and for selling items in the market at a low price, based on a certain threshold. This would lessen the damage done by this kind of threat.
On 12/09/14 At 11:29 AM
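The extra check suggested above can be sketched as follows. This is an added example, not code from the original article or from Steam: the Event record, the review function and all three thresholds are assumptions, with the discount limit set to 10% only so that both the 12% and 35% variants mentioned above are caught.

```python
from dataclasses import dataclass

# Assumed thresholds (the article names none); tune against real trading data.
NEW_FRIEND_HOURS = 24        # friend added within this window is "newly added"
MAX_ITEMS_TO_NEW_FRIEND = 3  # cumulative items given before a hold is raised
MAX_DISCOUNT = 0.10          # listing this far below market price is held

@dataclass
class Event:                 # hypothetical record shape, not a Steam API object
    ts: float                # hours since the start of the sample
    kind: str                # "friend_added", "trade" or "listing"
    peer: str = ""
    items_given: int = 0
    price: float = 0.0
    market_price: float = 0.0

def review(events):
    """Return (ts, reason) for each action that should wait for confirmation."""
    friend_since, given_to, held = {}, {}, []
    for e in sorted(events, key=lambda ev: ev.ts):
        if e.kind == "friend_added":
            friend_since[e.peer] = e.ts
        elif e.kind == "trade":
            added = friend_since.get(e.peer)
            if added is not None and e.ts - added <= NEW_FRIEND_HOURS:
                given_to[e.peer] = given_to.get(e.peer, 0) + e.items_given
                if given_to[e.peer] >= MAX_ITEMS_TO_NEW_FRIEND:
                    held.append((e.ts, f"{given_to[e.peer]} items to new friend {e.peer}"))
        elif e.kind == "listing" and e.market_price > 0:
            discount = 1 - e.price / e.market_price
            if discount > MAX_DISCOUNT:
                held.append((e.ts, f"listing {discount:.0%} below market"))
    return held

# Constructed sample: a long-standing friend, then the pattern the article describes.
SAMPLE = [
    Event(0.0, "friend_added", "longtime_friend"),
    Event(500.0, "trade", "longtime_friend", items_given=5),
    Event(600.0, "friend_added", "new_contact"),
    Event(600.1, "listing", price=8.80, market_price=10.00),
    Event(600.2, "listing", price=6.50, market_price=10.00),
    Event(600.3, "listing", price=9.70, market_price=10.00),
    Event(600.5, "trade", "new_contact", items_given=2),
    Event(600.6, "trade", "new_contact", items_given=2),
]

if __name__ == "__main__":
    for ts, reason in review(SAMPLE):
        print(f"{ts:7.1f}h  HOLD  {reason}")
```

A held action would be released only after the user confirms it through a channel the malware on the machine cannot drive.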