Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

FBI launches inquiry into Steam games spreading malware

The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation. The FBI is seeking gamers who downloaded Steam games later found to contain malware. According to a notice from the FBI’s Seattle Division, investigators are trying to identify victims who […]

Steam WordPress malware

The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation.

The FBI is seeking gamers who downloaded Steam games later found to contain malware. According to a notice from the FBI’s Seattle Division, investigators are trying to identify victims who installed one of eight malicious titles on the platform between May 2024 and January 2026 as part of an ongoing probe.

“The FBI’s Seattle Division is seeking to identify potential victims installing Steam games embedded with malware. The FBI believes the threat actor primarily targeted users between the timeframe of May 2024 and January 2026. In the investigation, several games have been identified to include, BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova.” reads the notice published by the Bureau.

“If you and/or your minor dependent(s) were victimized from installing one of these games or have information relevant to this investigation, please fill out this short form.”

The FBI must identify victims of federal crimes; responses are voluntary but can aid investigations, restitution, and services. Victim identities remain confidential.

“The FBI is legally mandated to identify victims of federal crimes it investigates. Victims may be eligible for certain services, restitution, and rights under federal and/or state law. Your responses are voluntary but may be useful in the federal investigation and to identify you as a potential victim.” continues the notice. “Based on the responses provided, you may be contacted by the FBI and asked to provide additional information. All identities of victims will be kept confidential.”

The FBI questionnaire focuses on cases of cryptocurrency theft and account hijacking linked to malware hidden in Steam games. Victims are asked about compromised accounts, crypto transactions, and stolen funds, and to share screenshots of communications with those who promoted the titles. The bureau said identifying victims is required by law and may enable restitution, adding that all identities will remain confidential.

The FBI asks anyone aware of other victims to have them contact Steam_Malware@fbi.gov.

Steam warned affected players to check for malicious files, run antivirus scans, review software, and consider reinstalling their OS.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, FBI)