Buy Crypto Markets Spot FuturesOIL(WTI)Earn Event Center

Seven Steam games secretly installed crypto-stealing malware targeting players' wallets, the FBI revealed, as it hunts for victims of a coordinated campaign. TheSeven Steam games secretly installed crypto-stealing malware targeting players' wallets, the FBI revealed, as it hunts for victims of a coordinated campaign. The

FBI Probes Malware Hidden in Steam Games Targeting PC Players

Author: Cryptonews AU

Source: Cryptonews AU

2026/03/16 13:03

3 min read

For feedback or concerns regarding this content, please contact us at [email protected]

The FBI’s Seattle Division is investigating seven Steam games that installed information-stealing malware between May 2024 and January 2026, targeting cryptocurrency wallets and browser credentials.
A threat actor identified as EncryptHub deployed multiple malware strains including Vidar, HijackLoader, and a custom tool called Fickle Stealer across titles such as PirateFi, Chemia, and BlockBlasters.
One victim, a Twitch streamer, lost US$32,000 (AU$45,760) during a live cancer fundraising stream when BlockBlasters malware activated on his system.

The FBI’s Seattle field office is investigating a malware campaign that used seven games on Steam to steal cryptocurrency wallets, browser data and saved credentials from players who downloaded them between May 2024 and January 2026.

In a recent notice, the bureau said it is seeking users who may have installed the infected titles: BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi and Tokenova. Valve has removed the games from Steam, but has not publicly commented.

The FBI believes the threat actor primarily targeted users between the timeframe of May 2024 and January 2026. In the investigation, several games have been identified to include, BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova.

FBI’s Seattle Division

Related: Ripple Buyback Program Values Company at $50 Billion

Harvesting Crypto Information Through Steam Games

Researchers linked the operation to a threat actor known as EncryptHub. The campaign used several malware tools, including Vidar, HijackLoader and a custom program called Fickle Stealer.

Investigators said the software was designed to harvest crypto wallet information, browser cookies and stored login credentials.

Some earlier variants were also capable of secretly mining cryptocurrency on infected devices, using victims’ hardware in the background.

One of the best-known cases involved Twitch streamer Raivo Plavnieks, known online as RastalandTV, who lost US$32,000 (AU$45K) during a live charity stream for cancer fundraising after malware from BlockBlasters activated on his computer.

Investigators later found chat logs in which the attackers dismissed the theft.

PirateFi alone may have been downloaded by as many as 1,500 users during the roughly one week it was available in February 2025.

The full number of victims across all seven games has not been disclosed. Steam’s scale makes the breach potentially significant, with the platform hosting more than 117,000 games and serving about 132 million monthly active users.

The FBI said it is required to identify victims in federal investigations and noted that affected users may qualify for restitution or other protections under state or federal law. It directed potential victims to a reporting form at forms.fbi.gov and an email contact.

Read more: SEC and CFTC Sign Crypto Policy Agreement to Coordinate Oversight

The post FBI Probes Malware Hidden in Steam Games Targeting PC Players appeared first on Crypto News Australia.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.