Steam users are being warned to be on their guard after criminals created rogue browser add-ons designed to steal from the accounts of video games fans.
Security researcher Bart Blaze describes how a Steam user has created a number of Chrome browser extensions for online first-person shooter “Counter-Strike: Global Offensive” (also known as CS:GO).
Don’t be in too much of a hurry to install the Chrome extensions, however, which have names like CSGODouble Theme Changer, CS:GO Double Withdraw Helper, Csgodouble AutoGambling Bot and Improved CSGODouble.
With the extensions installed in your Chrome browser, your Steam inventory items will be stolen, and items you attempt to trade with other Steam users will actually end up with the scammer behind the extensions instead.
Bart Blaze says that examination of the rogue Chrome extensions’ code reveals that the userid of the Steam user that will receive the stolen goods, and has linked them with a user calling themselves “Delta”.
The good news is that it is fairly simple to uninstall an unwanted Chrome extensions:
To remove an extension from Google Chrome:
- On your browser, click menu .
- Select More tools > Extensions.
- On the extension you want to remove, click Remove from Chrome .
- A notice to remove the extension will appear. Click Remove.
Remember, the fact that an add-on or extension has been made available for your browser is no guarantee that it hasn’t been coded with malice in mind.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.