Valve pulled the game “Abstractism” from the Steam store after several sources on the internet stated the game was suspected to contain a cryptocurrency-mining bot. YouTube user SidAlpha and other bloggers flagged the game for very suspicious behavior: the game package being flagged by antivirus software, the authors stating that the game should be left running in the background for extended periods of time, and the game taking up an extraordinary amount of GPU and CPU system resources at run time.
Steam is a digital distribution platform owned by the Valve Corporation that allows video game developers to publish their games on it. In this particular instance, it looks like a group of developers were able to compromise the supply chain of the platform and release a bogus game that performs cryptomining.
When the developers of the game were confronted with the findings that the game mines Bitcoin, the developer “Okalu Union” stated “Bitcoin is outdated, we currently use Abstractism to mine only Monero coins.” The developer then went on to contradict the prior statement with “Abstractism does not mine any of cryptocurrency. Probably, you are playing on high graphic settings.”
It is important to note that in this case the developers took advantage of a lack of controls in the software supply chain of the Valve platform to perform cybercriminal activity. All organizations depend on a variety of software supply chains to deliver legitimate software downloads and updates. The software supply chain will likely be a target for cybercriminal threat actors in the future, and this trend will likely increase as the threat landscape progresses.
Proficio Threat Intelligence Recommendations:
- Make sure your organization has an acceptable use policy that bans the usage of applications that introduce risk to your organization such as gaming applications.
- Keep endpoint security controls such as antivirus and EDR (endpoint detection and response) up to date and validate they work as a preventative control.
- Assess if your organization has MDM (mobile device management) software and assess if it allows the installation of unauthorized applications that may introduce risk to the organization.