Right before Black Friday, traditionally a big day for gaming service Steam, it’s suffering from malware being spread through links shared in Steam Chat. The malware is in a .SCR file, which looks like a screensaver.
The file is being shared by chat phishing – see the image below. A steam user claiming to know you shares a bit.ly link, which leads to a file with an .SCR extension, but installs malware that is able to steal items from your Steam inventory.
Panda Security employee Bart Blaze explains on his blog what to do if you download the malware:
– Exit Steam immediately
– Open up Task Manager and find a process called temp.exe, wrrrrrrrrrrrr.exe, vv.exe or a process with a random name, for example 340943.exe
– Launch a scan with your installed antivirus
– Launch a scan with another, online antivirus
– When the malware has been disinfected or deleted, change your Steam password – if you use the same password for other sites, change those as well
– Verify none of your Steam items are missing
As the malware is being spread by phishing methods – essentially users trying to trick you into clicking links, the advice is simple: do not click on links or accept friend requests from people you don’t know at all, and certainly don’t install files from sources you don’t trust.
Follow Jonathan on Twitter: @jonathanriggall