Malicious Steam Game 'PirateFi' Caught Stealing User Credentials and Sensitive Data

A free-to-play game on Steam has been discovered to contain dangerous malware designed to steal user credentials and sensitive information. Valve has removed the game, called PirateFi, from its storefront after confirming the security threat.

The malicious game appeared on Steam on February 6 and was active for several days before being delisted. While the exact number of affected users is unknown, estimates suggest a few hundred players may have downloaded the compromised software.

Users reported their antivirus programs detecting a trojan called "Win32.Lazzzy.gen" when attempting to launch the game. In multiple documented cases, the malware successfully stole passwords and browser cookies, leading to unauthorized account access. In one severe instance, attackers gained control of a Microsoft account, blocked support access, and used it to distribute scam links to the victim's contacts.

Security researchers identified the malware as likely being the Vidar info-stealer, capable of harvesting:

  • Browser history
  • Cryptocurrency wallet data
  • Saved passwords
  • Two-factor authentication codes
  • Browser session cookies

The game's developers appear to have used purchased template assets to bypass Steam's security screening. Affected users may find a suspicious file named "Howard.exe" in their AppData > Temp directory.
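
A triage sweep for that file name across every local user profile, as an added example that is not part of the original article or any Valve guidance. It assumes "AppData > Temp" means each profile's `AppData\Local\Temp` directory; the function name `Find-TempIndicator` is hypothetical.

```powershell
# Added example: look for the file name the article reports in each user's Temp directory.
# Assumption: "AppData > Temp" means <profile>\AppData\Local\Temp (the default %TEMP%).
# A name match is only a lead for further analysis, and no match does not prove a clean host.
$IndicatorName = 'Howard.exe'   # file name taken from the article

function Find-TempIndicator {
    param(
        [string]$Name = $IndicatorName,
        # Real (non-service) profiles registered on this machine
        [string[]]$ProfileRoot = (Get-CimInstance Win32_UserProfile |
            Where-Object { -not $_.Special } |
            Select-Object -ExpandProperty LocalPath)
    )
    foreach ($root in $ProfileRoot) {
        $temp = Join-Path $root 'AppData\Local\Temp'
        if (-not (Test-Path -LiteralPath $temp)) { continue }
        # -Force includes hidden files; unreadable folders are skipped silently
        Get-ChildItem -LiteralPath $temp -Filter $Name -File -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                # Record what an analyst needs before the file is quarantined or removed
                [pscustomobject]@{
                    Path      = $_.FullName
                    SizeBytes = $_.Length
                    Created   = $_.CreationTimeUtc
                    Modified  = $_.LastWriteTimeUtc
                    SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                    Signature = $sig.Status
                }
            }
    }
}

$hits = @(Find-TempIndicator)
if ($hits.Count -eq 0) {
    Write-Output "No $IndicatorName found under any profile's Temp directory."
} else {
    $hits | Format-List
}
```

Run it from an elevated PowerShell session so other users' profiles can be read.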

Valve is alerting accounts that downloaded PirateFi during the affected period. The company recommends that users:

  • Perform thorough virus scans
  • Consider reformatting their devices
  • Clear all browser data
  • Change passwords for all online accounts

The incident serves as a reminder for users to exercise caution when downloading free games from unknown developers, even on established platforms like Steam.