BloodyStealer trojan takes gamers data, passwords on Steam, GOG, Epic

There's a new trojan going around that is getting into gaming accounts like Steam, GOG, EA Origin, and others -- 'BloodyStealer'.

Published Sep 28, 2021 10:45 PM CDT   |   Updated Wed, Jul 27 2022 3:55 AM CDT
1 minute & 24 seconds read time

There's a new trojan going around that is now targeting gamers, known as "BloodyStealer" that is attacking gaming services like Bethesda, Epic Games, GOG, EA Origin, Steam, Telegram, and VimeWorld

BloodyStealer is able to take gamers' data including passwords, credit card details, screenshots, cookies, and client sessions from the above gaming services. The malware was discovered back in March 2021 in an advertisement on an underground forum, according to Kaspersky.

The malware has built-in protections to defend itself against analysis and has already been deployed in Europe, Latin America, and the Asia-Pacific region. Kaspersky notes that the sellers of BloodyStealer are selling the "malware-as-a-service (MaaS) distribution model" which costs $10 per month, or $40 as a lifetime license.

BloodyStealer trojan takes gamers data, passwords on Steam, GOG, Epic 05
BloodyStealer trojan takes gamers data, passwords on Steam, GOG, Epic 06

Kaspersky writes that there are databases of accounts available as logs, for sale, with the attackers advertising they have the geography of users, the time span of the logs that were collected, and more. A log containing 65,600 records with 9000 users in the US was selling for $150 -- or just $0.2 per record).

There are individual games sold from these accounts, a nice feature that even as a customer of the services hacked you don't get -- you can't just trade your games with friends. But these hackers can, and 'steal' the 'digital game' and sell it individually, with a game like Need for Speed or NFL 21 selling for less than $0.50 -- what a steal.

Kaspersky has a few warnings on how to not fall victim to BloodyStealer, or similar thieves:

  • Protect your accounts with strong passwords, enable two-factor authentication, and generally max out the platform's security settings (see our guides for Steam,, Origin, Twitch, and Discord users).
  • Download apps only from official sources to minimize the chances of picking up BloodyStealer or other malware.
  • Be wary of links in e-mails and messages from strangers.
  • Before entering your credentials on any website, make sure it's genuine.
  • Use a reliable security solution. For example, Kaspersky Security Cloud blocks BloodyStealer and doesn't interfere with gameplay.
Buy at Amazon

Mr. Robot: The Complete Series

TodayYesterday7 days ago30 days ago
* Prices last scanned on 12/9/2022 at 1:39 am CST - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Anthony joined the TweakTown team in 2010 and has since reviewed 100s of graphics cards. Anthony is a long time PC enthusiast with a passion of hate for games built around consoles. FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with custom-built PCs. His addiction to GPU tech is unwavering.

Newsletter Subscription

    Related Tags

    Newsletter Subscription
    Latest News
    View More News
    Latest Reviews
    View More Reviews
    Latest Articles
    View More Articles