• 2 min read
FBI says Steam malware games stole $220,000 in crypto
Prosecutors accuse a 21-year-old Florida man of uploading malware-laced Steam games that infected 8,000 victims and drained 80 crypto wallets.

Image: TechCrunch
U.S. prosecutors have charged Zyaire Wilkins, a 21-year-old Florida resident and student, over an alleged scheme that used fake games on Steam to infect players' PCs, steal data, and empty crypto wallets. The FBI arrested Wilkins on Tuesday, and prosecutors on Wednesday accused him and unnamed co-conspirators of hacking-related crimes.
According to the criminal complaint, the group spent the past two years publishing malware-laden titles on Valve’s PC gaming platform, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. The FBI says the malware infected about 8,000 victims and was used to compromise around 80 cryptocurrency wallets, stealing at least $220,000 in crypto.
Authorities say the games were promoted on Discord, LinkedIn, and Telegram. The titles were built to appear legitimate enough that players could install and run them, even as the malware operated in the background. Over the last year, Valve has removed several malware-tainted games from Steam, including PirateFi.

Recommended reading
ClickLock hammers Macs until users hand over passwords
The case follows an FBI announcement in March that it was investigating a hacker suspected of using Steam-distributed games to compromise victims. In that notice, the bureau asked anyone who had downloaded the games named in this week’s complaint to come forward with evidence.
According to the complaint, investigators identified another person involved in the operation, who told agents the group raised money to launch and market the games in exchange for a share of the stolen cryptocurrency. The FBI then traced a crypto account tied to the scheme to purchases of several gift cards, including UberEats cards. After subpoenaing Uber, agents found the gift cards were linked to an account used for deliveries to Wilkins, who allegedly used the online nickname Sibel.eth.
Federal agents later searched Wilkins' home and seized his MacBook, cellphones, other devices, and digital wallets. The complaint says he refused to answer questions. Wilkins' lawyer did not respond to a request for comment.
Security Editor
Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.
via TechCrunch


