WTF? Malware spreads via Steam chat

Steam malwareIf you are one of the many people enjoying playing games via Steam this holiday season, be wary of chat messages inviting you to click on a link.

Messages have spread between Steam users saying "WTF?????" linking to what appears to be a JPEG image file.

However, if you click on the link you will actually find yourself downloading a .SCR Windows executable file, containing malicious code.

Below you can see a screenshot of a malicious Steam conversation (details have been censored to protect the innocent), where a user eventually realises they had been compromised:

Steam chat

If you have seen a message similar to this then, in all likelihood, one of the contacts on your Steam friends list has had their computer infected by the malware and is spamming you and everyone else on their contacts list with the "WTF?????" message.

If you make the mistake of clicking on the link, and opening the downloaded file, your Windows computer could also become infected and your Steam credentials potentially stolen.

The problem of malicious .SCR files spreading across the Steam network is sadly not a new one. For instance, back in September researchers at MalwareBytes warned of the threat.

Presently, the VirusTotal service is only showing identification by a small number of anti-virus products, although it's worth bearing in mind that security solutions use a variety of technologies to protect computers - not just those elements checked by VirusTotal.

My advice? Be very careful about the links that you click on via Steam chat - even if they appear to have been shared by your online friends.

Thanks to reader Rikev for bringing this threat to my attention.

Tags: ,

Subscribe to the free GCHQ newsletter


Special offers & deals

  • Sticky Password Premium: Lifetime Subscription

    Sticky Password Premium: Lifetime Subscription

    Sticky Password protects your online identity by providing strong encrypted passwords for all your accounts, managed by a single master password known by you, and only you. Available for Mac, Windows, iOS, and Android. For a limited time, it's 80% off in our store.
  • IT Security & White Hat Hacking: CompTIA & Cisco Certifications

    IT Security & White Hat Hacking: CompTIA & Cisco Certifications

    Whether you're a beginner or mid-level professional, you'll want to take this comprehensive online course, to help you attain two industry-recognised certifications. You'll master mobile hacking, VPN technologies, penetration testing, and much more--giving you the knowledge you need to succeed in any IT workplace.

More deals...

Leave a reply

7 Comments on "WTF? Malware spreads via Steam chat"

Notify of

Sort by:   newest | oldest | most voted
December 29, 2014 6:56 pm

"My advice? Be very careful about the links that you click on via Steam chat – even if they appear to have been shared by your online friends."

I would extend this by (ironically by extending the point I am shortening the sentence) removing 'via Steam chat'. And indeed it applies also to those you know. In truth it applies to those you know even if you requested it from them: what if they aren't aware of a problem, for example? In short: while it might be that it is what it seems, it also might not be. The problem then, is that some don't recognise all the variables (and to be fair, so many new things pop up over time, it makes it much more difficult to keep track of – it isn't just being aware, it is actually having the right type of thinking that is part of you).

Micah Justice
December 30, 2014 9:06 pm

Or… You could just mature, stop cussing like a teenager, and then your friends who know you don't curse, would see that link and KNOW you didn't sent it because language like that is below you. Ah I forgot… "Mature" is the worst rating… My how the world is twisted…

Macko de pako
Macko de pako
December 31, 2014 8:02 am

Ah yes, when all teens start acting mature the same slang will be used as bait.

Ah "slang", said by many that is "wrong", and to introduce new things to language even if "seen" as others as "rude" to be wrong, wwah, waah. As if we the same is held for Shakespeare, but no, Shakespeare is ART! Because.. well um, we see "art" in it… I suppose………

Adults these days really need to pull their heads out of their asses, it seems as with all their experience, they still do not understand what language is, philosophically… well if you understand. Here's a tip.. words mean nothing, its the meaning you put forward. In other sense, it doesn't matter as long as communication isn't held back.

December 31, 2014 3:18 am

This is exactly what happened to me at Christmas-night. I lost over 300€ worth of Steam items. I have made a ticket to Steam Support but they havent answered so does any of you have experience about this kinda thing? Is there a way to get back my stolen items?

December 31, 2014 12:58 pm

I'm thinking steam will probably be nice enough to give you the games back (their customer service is quite good)

December 31, 2014 4:09 pm

I've been reversing a bunch of the malware that has been sent through steam. I'm thinking of doing a writeup soon about it. Most of them are pretty basic.

January 1, 2015 9:29 am

As an FYI, I had also blogged about this 2 months ago – including some recommendations on what to do if this happened to you. Read about that here: