Valve recently took down a game called PirateFI from its Steam platform after discovering it contained malware designed to steal sensitive data. Researchers found that the game was altered from an existing template, Easy Survival RPG, to distribute an info-stealer called Vidar, which is capable of extracting various types of private information from infected computers. Marius Genheimer from Falcon Team indicated that this method was a tactic for mass distribution of the Vidar payload, emphasizing that PirateFI likely was never a genuine game.
Vidar has been used in several hacking campaigns, including one attempting to steal Booking.com's hotel credentials, others with the goal of deploying ransomware, and another effort to plant malicious advertisements on Google search results.
Judging by the command and control servers associated with the malware and its configuration, we suspect that PirateFi was just one of multiple tactics used to distribute Vidar payloads en masse.
Collection
[
|
...
]