WTF? Malware spreads via Steam chat

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Steam malware If you are one of the many people enjoying playing games via Steam this holiday season, be wary of chat messages inviting you to click on a link.

Messages have spread between Steam users saying “WTF?????” linking to what appears to be a JPEG image file.

However, if you click on the link you will actually find yourself downloading a .SCR Windows executable file, containing malicious code.

Below you can see a screenshot of a malicious Steam conversation (details have been censored to protect the innocent), where a user eventually realises they had been compromised:

Sign up to our free newsletter.
Security news, advice, and tips.

Steam chat

If you have seen a message similar to this then, in all likelihood, one of the contacts on your Steam friends list has had their computer infected by the malware and is spamming you and everyone else on their contacts list with the “WTF?????” message.

If you make the mistake of clicking on the link, and opening the downloaded file, your Windows computer could also become infected and your Steam credentials potentially stolen.

The problem of malicious .SCR files spreading across the Steam network is sadly not a new one. For instance, back in September researchers at MalwareBytes warned of the threat.

Presently, the VirusTotal service is only showing identification by a small number of anti-virus products, although it’s worth bearing in mind that security solutions use a variety of technologies to protect computers – not just those elements checked by VirusTotal.

My advice? Be very careful about the links that you click on via Steam chat – even if they appear to have been shared by your online friends.

Thanks to reader Rikev for bringing this threat to my attention.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

7 comments on “WTF? Malware spreads via Steam chat”

  1. Coyote

    "My advice? Be very careful about the links that you click on via Steam chat – even if they appear to have been shared by your online friends."

    I would extend this by (ironically by extending the point I am shortening the sentence) removing 'via Steam chat'. And indeed it applies also to those you know. In truth it applies to those you know even if you requested it from them: what if they aren't aware of a problem, for example? In short: while it might be that it is what it seems, it also might not be. The problem then, is that some don't recognise all the variables (and to be fair, so many new things pop up over time, it makes it much more difficult to keep track of – it isn't just being aware, it is actually having the right type of thinking that is part of you).

  2. Or… You could just mature, stop cussing like a teenager, and then your friends who know you don't curse, would see that link and KNOW you didn't sent it because language like that is below you. Ah I forgot… "Mature" is the worst rating… My how the world is twisted…

    1. Macko de pako · in reply to Micah Justice

      Ah yes, when all teens start acting mature the same slang will be used as bait.

      Ah "slang", said by many that is "wrong", and to introduce new things to language even if "seen" as others as "rude" to be wrong, wwah, waah. As if we the same is held for Shakespeare, but no, Shakespeare is ART! Because.. well um, we see "art" in it… I suppose………

      Adults these days really need to pull their heads out of their asses, it seems as with all their experience, they still do not understand what language is, philosophically… well if you understand. Here's a tip.. words mean nothing, its the meaning you put forward. In other sense, it doesn't matter as long as communication isn't held back.

  3. Finnishgamer

    This is exactly what happened to me at Christmas-night. I lost over 300€ worth of Steam items. I have made a ticket to Steam Support but they havent answered so does any of you have experience about this kinda thing? Is there a way to get back my stolen items?

    1. Anon · in reply to Finnishgamer

      I'm thinking steam will probably be nice enough to give you the games back (their customer service is quite good)

  4. Shodan

    I've been reversing a bunch of the malware that has been sent through steam. I'm thinking of doing a writeup soon about it. Most of them are pretty basic.

  5. bartblaze

    As an FYI, I had also blogged about this 2 months ago – including some recommendations on what to do if this happened to you. Read about that here:
    http://bartblaze.blogspot.com/2014/11/malware-spreading-via-steam-chat.html

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.