A threat actor called EncryptHub has compromised a game on Steam to distribute info-stealing malware to unsuspecting users downloading the title. “The compromised executable appears legitimate to users downloading from Steam, creating an effective social engineering component that relies on platform trust rather than traditional deception techniques,” reads the report Prodaft shared with BleepingComputer. Meanwhile, the game remains available on Steam, and it is unclear if the latest version is clean of malware or still dangerous to download. A few days ago, the hacker (also tracked as Larva-208), injected malicious binaries into the Chemia game files hosted on Steam. “When users click on the Playtest of this game, which they find in the free games, they are actually downloading malicious software,” the researchers say. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. Chemia is a survival crafting game from developer ‘Aether Forge Studios,’ which is currently offered as early access on Steam but has no public release date. titled Chemia , also tracked as ‘,’ Fickle Stealer and HijackLoader malware on unsuspecting players who downloaded the title. EncryptHub used the same malware in a massive spear-phishing and social engineering campaign last year, which compromised over six hundred organizations worldwide. The developer of the game has not published any official statements on their game's Steam page or on social media. It is unclear how EncryptHub managed to add the malicious files to the game project but one explanation could be an insider helping out.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 24 Jul 2025 16:50:17 +0000