Game mod on Steam breached to push password-stealing malware

On Christmas Day, the popular indie strategy game Slay the Spire’s fan expansion, Downfall, was compromised, allowing Epsilon information stealer malware to be distributed over the Steam update system.

Developer Michael Mayhem revealed to BleepingComputer that the corrupted package is not a mod installed through Steam Workshop, but rather the packed standalone modified version of the original game.

Malware infiltrated one of our devices, evading detection or blocking by our security software. Since 2FA was neither triggered nor stopped, and all of the compromised accounts were under different email addresses (none of which were stolen), as far as I currently know, it was not a password-stealing malware read more Game mod on Steam breached to push password-stealing malware.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *