AI Generated Image
Cybercriminals have been distributing malware via Steam for a year, tens of thousands affected
TechSpot • • technology
Key Points:
- Since 2025, cybercriminals have targeted Steam users through malicious wallpapers distributed via Wallpaper Engine, a popular live wallpaper app on the platform.
- Attackers exploited Wallpaper Engine's ability to run unverified third-party executables, hiding malware in password-protected archives that executed automatically when wallpapers were applied.
- The malware stole Steam account credentials, hijacked live sessions, and sent stolen data to attacker-controlled servers, with dozens of infected wallpapers downloaded tens of thousands of times.
- A tested malicious wallpaper disguised as a game called NTRaholic installed a backdoor from the DarkKomet malware family, enabling attackers to further compromise accounts and upload additional malware.
- The campaign mainly affected gamers in China (89% of infections), with smaller impacts in several other countries; Steam has removed the malicious wallpapers, and Kaspersky advises running antivirus scans before using wallpapers with executables.
