And it is very easy to detect you’re in a virtual environment and not do those things, or have a date to trigger the changes or something. The game had been out for a while when this happened without any issues. I just dug a little bit and it was opening a back door apparently, so as long as the attacker did nothing at that time it would have been impossible to detect. You had to know that it was malicious to look for it, then it was quite obvious, but with Valve needing to vet millions of games it’s not feasible to do a full scan of every update of every game.
pulsewidth@lemmy.world 3 days ago
Its “not feasible to do a full scan of every update of every game”?
My friend the scans are automated. Is Steam strapped for cash this month?
Honestly the apologia here for Steam is pretty rank.
Nibodhika@lemmy.world 3 days ago
No automated scan would have captured this, only a paid professional dedicating some time would (and only because this was an obvious attempt, a more subtle one would go unnoticed even by an expert) and that is not feasible.
pulsewidth@lemmy.world 3 days ago
It literally contained a known version StealC malware in its payload, and had basic python scripting with the Telegram bot code and access tokens left visible to researchers (very bad OSINT). This was not sophisticated scripting, nor novel malware, just some script kid that sourced the whole setup on Telegram. The malware would easily have been captured by a competent security company’s automated scanner.
bleepingcomputer.com/…/verified-steam-game-steals…