Skip to main content

Twitch chat malware is emptying gamers' Steam accounts

Twitch chat malware is emptying gamers' Steam accounts

Share this story

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

F-Secure has uncovered an unusual kind of malware that's spreading through Twitch's chat feature, which they're calling "Eskimo." The virus starts with a simple phishing scheme, claiming the target has won a phony raffle and offering a bad link to confirm. If users click the link, they'll be infected with the malware, which logs into the gaming platform Steam and takes control of the target's account. From there, the program empties the target's wallet and sells off any valuable items he may have bought or acquired through the service. Users are also reporting that more valuable items were being traded to an account called "Youni," the owner of which has yet to be tracked down.

Twitch is an immensely popular destination for live-streaming video games, which makes it the perfect platform for such an attack. What's less clear is why Steam is being targeted. Some players may be keeping a lot of cash in their Steam wallets, but compared to a credit card or a checking account, it seems like a less than lucrative target. It's also surprisingly well secured. Steam's basic user settings mean the "Youni" account should be linked to a specific computer, which should make it trivial to trace back to whoever's behind the attack. In the meantime, the message is simple enough: beware of strangers bearing links, on Twitch and otherwise.