PSA: Steam Scam Involving Fake Razer Comms Download Discovered
Malwarebytes intelligence analyst Chris Boyd has discovered a new Steam scam that unknowingly installs spyware on users PCs.
These days, Steam scammers are getting more and more clever, and using more and more sophisticated methods and programs, and now, Malwarebytes intelligence analyst Chris Boyd has discovered one of the most sophisticated yet. Instead of the usual fake Steam community pages [https://blog.malwarebytes.org/fraud-scam/2014/07/steam-account-phishers-caught-squatting/], this time phishers are using a fake Razer Comms download page as bait. For your information, Razer Comms is Razer's proprietary VOIP protocol, in the same vein as Mumble or Ventrilo.
Anyway, the fake page looks something like the one to the right, and is an exact copy of the official Razer Comms page. The Google Play link even links to the official Google Play store for the app, but the Download for Windows link simply rewards the user with spyware.
The bogus file it downloads to users PCs is an .scr file - a format that is very common in fake in-game trading scams. Boyd says that Malwarebytes should be able to detect and destroy the program, but is currently not "firing on all cylinders" and may occasionally let it slip by for whatever reason. For this reason, users should be especially cautious.
Once installed, the .scr file essentially sits on your computer as a keylogger, and will shoot off your passwords to phishers somewhere in the world.
Boyd says his team has managed to peek into the program's code, and has discovered that it points to a Russian gaming portal with multiple threads on hacking related topics, and some advertisements for a program that steals Steam user accounts.
"The most attractive way in for scammers where Steam accounts are concerned is trading," warns Boyd. "In most cases that we see, the name of the game is luring the victim outside of the trade system window. If you're being sent links to "previews" of items in Steam chat by strangers who started messaging you ten minutes ago? You may be on your way to a bad day."
So there you have it folks. Stay safe, and make sure to always double check everything you download to your PC!
Permalink
Malwarebytes intelligence analyst Chris Boyd has discovered a new Steam scam that unknowingly installs spyware on users PCs.
These days, Steam scammers are getting more and more clever, and using more and more sophisticated methods and programs, and now, Malwarebytes intelligence analyst Chris Boyd has discovered one of the most sophisticated yet. Instead of the usual fake Steam community pages [https://blog.malwarebytes.org/fraud-scam/2014/07/steam-account-phishers-caught-squatting/], this time phishers are using a fake Razer Comms download page as bait. For your information, Razer Comms is Razer's proprietary VOIP protocol, in the same vein as Mumble or Ventrilo.
Anyway, the fake page looks something like the one to the right, and is an exact copy of the official Razer Comms page. The Google Play link even links to the official Google Play store for the app, but the Download for Windows link simply rewards the user with spyware.
The bogus file it downloads to users PCs is an .scr file - a format that is very common in fake in-game trading scams. Boyd says that Malwarebytes should be able to detect and destroy the program, but is currently not "firing on all cylinders" and may occasionally let it slip by for whatever reason. For this reason, users should be especially cautious.
Once installed, the .scr file essentially sits on your computer as a keylogger, and will shoot off your passwords to phishers somewhere in the world.
Boyd says his team has managed to peek into the program's code, and has discovered that it points to a Russian gaming portal with multiple threads on hacking related topics, and some advertisements for a program that steals Steam user accounts.
"The most attractive way in for scammers where Steam accounts are concerned is trading," warns Boyd. "In most cases that we see, the name of the game is luring the victim outside of the trade system window. If you're being sent links to "previews" of items in Steam chat by strangers who started messaging you ten minutes ago? You may be on your way to a bad day."
So there you have it folks. Stay safe, and make sure to always double check everything you download to your PC!
Permalink
