Slam Posted June 11, 2021 Share Posted June 11, 2021 https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images https://threatpost.com/steam-gaming-delivering-malware/166784/ Apparently Steam avatars/artwork images are being used to host malware and allow its transfer between users with a specific program to decrypt them. Just thought this was pretty neat, but also this might eventually evolve and become an actual threat/problem for Steam users, so eh. Threatpost is saying the images download malware to your computer already, but I think that the chick that wrote it is on something else because GData (an actual Anti-Virus software company) is claiming that looking at the images and even downloading them doesn't do anything without having the proper program, so I'd take that second read with a grain of salt. Though it's definitely scary thinking about how maybe it really can one day evolve into accounts being hijacked just because you looked at someone's steam profile. Edit: re-worded the first sentence Link to comment Share on other sites More sharing options...
Abstract Posted June 11, 2021 Share Posted June 11, 2021 This is nothing new, it's a technique used in malware to prevent URLs from being blacklisted. I don't think loading an image on your browser will hijack your PC any time soon. An exploit (different from the malware described here) would be required for your Steam account to get hijacked from just opening an image on your browser. And yes, downloading the image and opening it normally won't do anything (even if it contains malware) because like they said in the article, the malware downloader is required to load and execute the additional malware embedded in that image. Link to comment Share on other sites More sharing options...
Slam Posted June 11, 2021 Author Share Posted June 11, 2021 10 hours ago, Abstract said: This is nothing new, it's a technique used in malware to prevent URLs from being blacklisted. I don't think loading an image on your browser will hijack your PC any time soon. An exploit (different from the malware described here) would be required for your Steam account to get hijacked from just opening an image on your browser. And yes, downloading the image and opening it normally won't do anything (even if it contains malware) because like they said in the article, the malware downloader is required to load and execute the additional malware embedded in that image. It's not a new method by any means, but it's the first time people have seen Steam being used as the method of transfer/hosting in this way. Gdata also claims that those responsible are "developing" this further and we could see something worse come out of it, though who knows what that can be. Link to comment Share on other sites More sharing options...
Zeus904 Posted June 11, 2021 Share Posted June 11, 2021 It's likely that valve will respond should it become an issue. They might do something regardless bc the whole thing is bad pr for them. All they would need to update (at the time of writing) is a quick ICC length check for uploaded images. Although it is worthwhile to check up on every now and again. Interesting read tldr: should this become problematic we'll know and valve will too. Link to comment Share on other sites More sharing options...
Vashta? Posted June 13, 2021 Share Posted June 13, 2021 On 6/11/2021 at 3:10 PM, Slam said: https://www.gdatasoftware.com/blog/steamhide-malware-in-profile-images https://threatpost.com/steam-gaming-delivering-malware/166784/ Apparently Steam avatars/artwork images are being used to I guess smuggle/transfer malware between users with a specific program to decrypt them? Just thought this was pretty neat, but also this might eventually evolve and become an actual threat/problem for Steam users, so eh. Threatpost is saying the images download malware to your computer already, but I think that the chick that wrote it is on something else because GData (an actual Anti-Virus software company) is claiming that looking at the images and even downloading them doesn't do anything without having the proper program, so I'd take that second read with a grain of salt. Though it's definitely scary thinking about how maybe it really can one day evolve into accounts being hijacked just because you looked at someone's steam profile. Threat or not definitely interesting what people can do, nice post Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.