Look out for SteamHide, an emerging loader malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign. Steam’s most recent data said the platform has more than 20 million users playing games, including popular titles like Counter-Strike: Global Offensive, Dota 2 and Apex Legends. “While hiding malware in an image file’s metadata is not a new phenomenon, using a gaming platform such as Steam is previously unheard of,” G Data analyst Karsteen Hahn said about SteamHide in a new disclosure report, which builds on the original find by @miltinhoc on Twitter: The malware downloader is hiding in the Steam profile image’s metadata, specifically in the International Color Consortium (ICC) profile, a standardized set of data to control color output for printing. Attackers hide their malware in benign images commonly shared online, including memes like “blinking white guy” used in the G Data analysis example. “The low-quality image shows three frames of the ‘white guy blinking’ meme alongside the words January, a black screen, and September,” Hahn added. “The image content itself does not seem to make sense.” Victims of this profile image scam don’t have to be on Steam or have any gaming platform installed, G Data’s researchers found. And updating the malware only requires uploading a new profile pic. The profile image data only contains the downloader that fetches additional malware, the…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-06-10 11:51:002021-06-10 11:51:00Steam Gaming Platform Delivering Malware
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org