Back in March of this year, the cybersecurity firm’s experts discovered an ad for BloodyStealer that said the malware is able to steal passwords, cookies, bank card details, browser autofill data, device data, screenshots, desktop and uTorrent client files, logs, and client sessions for Bethesda, Epic Games, GOG, Origin, Steam, Telegram and VimeWorld.
Despite the fact that BloodyStealer is relatively new, the malware has already been used to target and infect users in Europe, Latin America and the Asia-Pacific region. What has allowed this malware to spread so easily online is that its creators use a malware-as-a-service (MaaS) distribution model where BloodyStealer can be purchased on the dark web for either $10 per month or around $40 for a “lifetime license”.
Besides being able to steal user data, BloodyStealer has a set of tools designed to make it difficult for security researchers and law enforcement to analyze. The malware sends stolen data as a ZIP archive to its C&C server, which is protected against DDoS and other web-based attacks. From here, cybercriminals can use either its basic control panel or Telegram to access the data and online accounts stolen from victims.
While BloodyStealer poses a serious threat to gamers, it’s still just one of the many tools available on the dark web to steal their accounts. Cybercriminals sell other types of malware, and underground hacking forums often feature ads offering to post a malicious link on popular websites or selling tools to generate phishing pages automatically.
However, one of the most popular products sold on the dark web is logs, which are databases containing heaps of data for logging into stolen user accounts. In these ads, cybercriminals specify the types of data, the geography of users, the period over which the logs were collected and other details.
Cybercriminals also sell access to specific gaming accounts, both individually and wholesale. Accounts with many games, add-ons and expensive virtual items are particularly valuable, though they are often sold at a huge discount. For instance, in one ad observed by Kaspersky in its blog post on the matter, a cybercriminal was selling 208k online gaming accounts for just $4000. Likewise, games are often sold at a fraction of their value on the dark web, and copies of Need For Speed Heat or Madden NFL 21 cost less than $0.50.
To avoid falling victim to BloodyStealer, other types of malware and cyberattacks targeting gamers, Kaspersky recommends that users enable two-factor authentication (2FA) for their online accounts, only download apps and software from official stores, be wary of links in emails and messages from unknown senders, check websites for authenticity before entering their credentials and protect their devices with antivirus software.