Cybersecurity

7039 readers

105 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

PirateFi game on Steam caught installing password-stealing malware (www.bleepingcomputer.com)

submitted 2 months ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

top 4 comments

sorted by: hot top controversial new old

[–] [email protected] 15 points 2 months ago (1 children)

This is an interesting vector, since it costs $100 to even post a free game on Steam. Did the game dev poison their own game, or did someone get access to their account to upload the hacked version? The article doesn't seem to specify.

[–] [email protected] 14 points 2 months ago (1 children)

The researcher believes that the web3/blockchain/cryptocurrency references in the PirateFi name were intentional, to lure a specific player base

Article seems to imply it was intentional by the devs. Also making it free to play with no DLC is an unusual business model.

[–] [email protected] 4 points 2 months ago

That was my read as well, but the author didn't make it very clear. I suppose since there wasn't any effort to restore a "clean" version means, it's likely that it was intentional.

[–] [email protected] 3 points 2 months ago

Super interesting method of entry. It makes a lot of sense as an attack vector. Steam doesn't have a very rigorous process for checking what they offer on their platform & most customers don't check their games before running them.

I'm honestly suprised it hasn't happened more frequently. I wonder if the amount of press this particular incident is getting will cause steam to change their process for publishing games.