A free-to-play game called PirateFi was found to be distributing the Vidar infostealing malware to unsuspecting users on Steam. The game, released by Seaworth Interactive, received positive reviews and was available in the Steam store for almost a week between February 6th and February 12th, before being removed due to the malware issue.
The malware was found to be hidden in a file called Pirate.exe as a payload, packed with an InnoSetup installer. Researchers identified the malware as a version of Vidar, which can compromise user credentials, session cookies, and secrets saved in browsers, email clients, and cryptocurrency wallets.
Steam has notified potentially impacted users and advised them to reinstall Windows out of caution. The company has introduced additional measures like SMS-based verification to protect players from malicious updates, but the case of PirateFi shows that these measures are insufficient.
Up to 1,500 users may have been affected by the malware, although Steam did not publish exact figures. This incident highlights the need for improved security measures on the Steam platform and serves as a reminder for gamers to be cautious when downloading new games and updates.
Source: https://www.bleepingcomputer.com/news/security/malicious-piratefi-game-infects-steam-users-with-vidar-malware