Researchers have spotted an advanced trojan, named BloodyStealer, on dark web forums. The trojan aims to steal gamers’ account data across multiple gaming platforms such as Epic Games Store, EA Origin, and Steam.

  • This trojan has been targeting gaming platforms to harvest gaming account-related details.BloodyStealer has already targeted users based in Latin America, Asia Pacific, and Europe.
  • The information stealer is being sold using private channels to VIP members of underground forums, where the subscription model is priced at USD $40 for a lifetime license or less than $10 per month.
  • Logs, accounts, and in-game goods are game-related assets that are being sold on the darknet for an attractive price or offer. The high demand for such information in black market could be the reason behind this attack campaign.

Functionalities of BloodyStealer

BloodyStealer comes with detection evasion, along with malware analysis protection. In addition, it has various capabilities.

  • Steals sessions from clients such as Bethesda, GOG, VimeWorld, Steam, Epic Games, Telegram, and Origin. Furthermore, it can steal files from the desktop (.txt) and the uTorrent client.
  • Gather and steal a wide range of sensitive info, such as passwords, cookies, bank cards, sessions from multiple apps, and more. It can collect logs from the memory.
  • Well equipped with logging protection and reverse engineering protection mechanisms.

BloodyStealer appears to be an advanced malware with a plethora of capabilities. It comes with anti-detection techniques that make it more lucrative for cybercriminals. Though it is targeting only gaming accounts, it has the potential to expand its scope to other industries as well.