If you are one of the many people enjoying playing games via Steam this holiday season, be wary of chat messages inviting you to click on a link.
Messages have spread between Steam users saying “WTF?????” linking to what appears to be a JPEG image file.
However, if you click on the link you will actually find yourself downloading a .SCR Windows executable file, containing malicious code.
Below you can see a screenshot of a malicious Steam conversation (details have been censored to protect the innocent), where a user eventually realises they had been compromised:
If you have seen a message similar to this then, in all likelihood, one of the contacts on your Steam friends list has had their computer infected by the malware and is spamming you and everyone else on their contacts list with the “WTF?????” message.
If you make the mistake of clicking on the link, and opening the downloaded file, your Windows computer could also become infected and your Steam credentials potentially stolen.
The problem of malicious .SCR files spreading across the Steam network is sadly not a new one. For instance, back in September researchers at MalwareBytes warned of the threat.
Presently, the VirusTotal service is only showing identification by a small number of anti-virus products, although it’s worth bearing in mind that security solutions use a variety of technologies to protect computers - not just those elements checked by VirusTotal.
My advice? Be very careful about the links that you click on via Steam chat - even if they appear to have been shared by your online friends.
Thanks to reader Rikev for bringing this threat to my attention.