It’s well known that online scammers and hackers have a number of tricks up their sleeve to get unsuspecting users to part with their personal information.
Earlier today, their methods reached a new low, as a particularly malicious con artist took advantage of Steam’s Greenlight program for up-and-coming games to distribute malware to users who believed they were ‘beta testing’ a new indie game.
Dynostopia appeared some time this morning (Tuesday, September 1) on Steam Greenlight, containing a link from its ‘developers’ to what was purportedly an early-access demo version of the fictitious title. To add to the apparent authenticity of the scheme, the conman seemingly hacked the account of a user who had been active on Steam for 11 years, and renamed the account to the same as the ‘game’ in question. The scammer even went so far as to create a fake trailer for the game, and uploaded it to YouTube .
Instead of receiving a game to beta test, however, users were met with a rather nasty shock. As first reported by Reddit user toilet-roll, the setup.exe file contained within the initial download included a number of automated scripts that turned over remote access to users’ computers to the hackers, as well as leaving fake positive reviews for the ‘game’ on Steam, encouraging more people to try out the ‘beta’.
It’s believed as many as 500 people may have been affected by the malware in question, with reports coming in of users having to completely wipe their hard drives due to corrupt data.
Valve have deleted the Greenlight page in question and are conducting an investigation into the full circumstances of the event.