FBI seeks victims of Steam video games used to unfold malware

The FBI is asking avid gamers who put in Steam titles containing malware to offer data as a part of an ongoing investigation into eight malicious video games uploaded to the gaming platform.

In a discover revealed at this time by the FBI’s Seattle Division, the company mentioned it’s making an attempt to determine people who had been affected after putting in one of many malicious video games on Steam between May 2024 and January 2026.

“The FBI’s Seattle Division is seeking to identify potential victims installing Steam games embedded with malware. The FBI believes the threat actor primarily targeted users between the timeframe of May 2024 and January 2026,” reads the discover.

“In the investigation, several games have been identified to include, BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova.”

“If you and/or your minor dependent(s) were victimized from installing one of these games or have information relevant to this investigation, please fill out this short form.”

The questionnaire signifies that the FBI is targeted on cryptocurrency theft and account hijacks after the set up of the malware, asking questions on cryptocurrency transactions, compromised accounts, and stolen funds.

The kind additionally asks for any screenshots of communications with people who promoted the video games, which may assist investigators observe the stolen cryptocurrency and hint it to those that distributed the malware.

“The FBI is legally mandated to identify victims of federal crimes it investigates. Victims may be eligible for certain services, restitution, and rights under federal and/or state law. All identities of victims will be kept confidential,” the FBI advised BleepingComputer.

“The website and email listed in the mass notifications sent on March 12, 2026, are official and authorized by the FBI. At this time, the FBI is unable to provide specific details beyond the information referenced on the website in the email notification to customers.”

The FBI can also be asking anybody who is aware of somebody who might have been affected to encourage them to submit an inquiry to Steam_Malware@fbi.gov. 

BleepingComputer additionally despatched inquiries to Valve concerning the investigation, however didn’t obtain a reply to our e-mail.

Malware hidden in Steam video games

Multiple malicious video games found on Steam over the previous two years have distributed information-stealing malware designed to reap credentials, cryptocurrency wallets, and different delicate information from gamers’ gadgets.

One of essentially the most notable circumstances concerned BlockBlasters, a free-to-play 2D platformer out there on Steam from July to September 2024. While initially uploaded to Steam as a clear program, cryptodrainer malware was later added to the sport.

News that the Steam recreation was malicious was revealed throughout a livestream by online game streamer Raivo Plavnieks (RastalandTV), who was elevating cash for most cancers therapy.

After downloading the verified Steam recreation, the streamer reported shedding greater than $32,000 from his cryptocurrency pockets.

Blockchain investigator ZachXBT later estimated that attackers stole roughly $150,000 from 261 Steam accounts. Cybersecurity researcher VX-Underground later reported the next depend of 478 victims.

In the malicious Chemia survival crafting recreation, a menace actor often called EncryptHub added the HijackLoader malware, which downloaded the Vidar data stealer. It was later found that the sport additionally put in EncryptHub’s customized Fickle Stealer malware, which steals credentials, browser information, cookies, and cryptocurrency wallets.

The PirateFi recreation additionally distributed the Vidar infostealer and was out there on Steam for a couple of week in February 2025. Up to 1,500 customers might have downloaded the sport earlier than it was faraway from Steam.

Steam later warned players who launched the sport that malicious information might have been executed on their computer systems and suggested them to run antivirus scans, overview put in software program, and think about reinstalling their working system.