pulsewidth

@pulsewidth@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
The difference is that passworded zip files are used to distribute malware regularly. For a few reasons such as they’re very simple to use (malware creators are often lazy) and they can be generally be unpacked with preinstalled libraries or programs on the OS. A random encrypted file will require a DLL or runtime that can unpack the blob, and antivirus engines find that kind of stuff packaged together very sus.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Thanks for the effort digging. This does not actually point out any game doing it in particular though, and it’s actually a perfect example of a working antivirus picking up a suspect file (a password protected archive) in a game’s install tree.

This is from Aug 2024 and could even be from one of the games that distributed malware. Its absolutely something that Steam should be blocking/flagging for manual review, and a huge red flag that any developer would use this as a tool for distributing their game content.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Good it is not when the recommendation from security experts and reporters is to avoid any Steam games with low numbers of installs / reviews and betas from small companies. That’s where we’re at now.

bleepingcomputer.com/…/verified-steam-game-steals…

Nobody reviews game code, as game code is not supplied, only binaries with their relevant resources. There are many security providers that would be able to provide better service that whatever Valve is doing - but who knows, because they keep tight-lipped about it every time there’s an issue, and just patiently await their defenders to hand-wave any concerns.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
It literally contained a known version StealC malware in its payload, and had basic python scripting with the Telegram bot code and access tokens left visible to researchers (very bad OSINT). This was not sophisticated scripting, nor novel malware, just some script kid that sourced the whole setup on Telegram. The malware would easily have been captured by a competent security company’s automated scanner.

bleepingcomputer.com/…/verified-steam-game-steals…
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Citation please for any indie dev using passworded zip files to lock game content. That would be a pretty dumb approach given all retail security suites / antiviruses will flag a password-protected archive as suspect by default (because they’re so commonly used in the past to distribute malware).
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
All they’re expected to do is pay for upstream providers to scan their submissions (eg third party security providers), no need to hire new staff. This is the fourth instance publicized this year! They should communicate regarding issues like OPs - but like usual, it’s crickets.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
They’ve already missed four instances of malware this year that have been publicly reported. How many have other storefronts missed?

I don’t see why asking them out to improve is an unbalanced response or unfair, given the enormous budget they have and the market dominance.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Who said you need to pay more for games? Steam already takes thirty percent of sales (for the vast majority of sales), they are a $10b+ game distribution company… They’re worth more than several leading security/antivirus companies combined.

I just don’t understand the mindset people get around Steam. They are a business that makes a fortune distributing games, run by a billionaire - they are not a little indie company struggling under the weight of their success.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Well since Steam provide absolutely zero details about their scanning process (or even if it exists), seems like conversely people are making a lot of really complementary assumptions about Steam, no?

This is certainly not the first malware distributed by Steam - this is in fact the fourth publicly-known instance just this year.
Seems like they need to step up their game if you ask me.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
It had a password protected zip file in an update that hid the payload. That is pretty damn basic and would not have gotten past any retail antivirus program’s heuristic detection.

Chances are that Valve is treated as a ‘trusted publisher’ by Microsoft Defender and thus it bypassed the scan. The malware even payload explicitly checks that no retail antivirus was installed, and that Microsoft Defender was active, prior to attempting to extract and run its payload.

(See comments about for explicit details regarding the malware)
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Dumb take. There are many ways to scan software without needing access to the source code.

Do you think retail antivirus providers approach every developer of every program version to request a copy of their source code for review before they can verify it’d safe?
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
A password-protected zip file should have been flagged by Steam as suspect before they approved the update, its a very old and very common method for detection bypass.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
And there are so many ways to detect the bypasses. It’s an arms race, and the most profitable games store of all time should really have a cutting edge system to deal with it is all I said.

Windows should have better security too, but the two thoughts can be held in the mind at the same time.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Its “not feasible to do a full scan of every update of every game”?

My friend the scans are automated. Is Steam strapped for cash this month?

Honestly the apologia here for Steam is pretty rank.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Its also trivial for apps detecting any trivial attempts at scanning if they’re running in a VM to be detected, and masked.

Those are also valid concerns, but in an environment where admin rights are granted to games installers the vendor of the games (Steam) needs to adopt a highly curated and protective stance. To this date they provide zero details of their protection - their entire FAQ on malware on their store boils down to ‘if you find malware, please flag it on the store page for us to investigate’.

If anyone is gonna claim the steam store is highly curated… I’d point out to them that a very large amount of their store is shovelware asset flips with very few purchases and installs. There are over 150,000 games on Steam, and tens of thousands of them would fall into that category.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
I didn’t say they dont scan for malware, I said it “should be to a very high standard”, fully understanding they already do.
⁨Comment⁩ on ⁨Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
It really isn’t. Scanning code for vulnerabilities should be at a very high standard for the dominant and most wealthy game platform on Earth.

Very standard practice for malicious software scanning is to install the program in a virtual environment and then monitor its processes to see if it’s performing malicious activities: eg keylogging while a background process (eg alt-tabbed), or if it interacts with browser data (trying to get saved auth cookies or saved account info), running searches for strings that are common for crypto wallets, etc.

Its entirely possible that Steam has dropped the ball in a big way here.

I can only imagine the animosity in the comments if it was from a game on the Epic store or Ubisoft UPlay…
⁨Comment⁩ on ⁨YouTube will let users booted for 'repeated violations' of COVID, elections policies 'rejoin'⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
They are swinging with the political wind and falling behind the administration to get favourable legislation and preferential treatment.

If a heap of people die in the process due to misinformation - they don’t care.

~~Don’t~~, be evil.
⁨Comment⁩ on ⁨Ubisoft's Saudi-funded Assassin's Creed DLC provokes staff unrest, but the publisher insists partnering with the controversial regime is A-OK⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Is everything critical of Saudi Arabia Hasbara propaganda?

I hate Saudi Arabia’s leadership and brutal oppression of their people. Obviously, Kashoggi. Obviously, funding terrorism worldwide. Personally, a friend of mine witnessed a state beheading simply by being in the wrong place at the wrong time while he was working in SA (he was an Indian immigrant worker) - scarred him for life.

Hasbara are in the walls so I presume they saw me type that out and I’ll just patiently await my cheque.
⁨Comment⁩ on ⁨Anon doesn't fit in⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
When people are young adults, their attraction to their preferred sex is peaking, maybe you’re different, but for most people it does feel like a need.

Not that OP actually mentioned ‘need’ anywhere in their long post…
⁨Comment⁩ on ⁨Anon doesn't fit in⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Are we really at the stage of social collapse where people are confused by guys being attracted to women?
⁨Comment⁩ on ⁨I'd sign up⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Userbase: 9 users per City. None rurally.
⁨Comment⁩ on ⁨Say hello to Bary⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Thank you - my friend was only thinking in terms of smaller by mass not thinking about volume.
⁨Comment⁩ on ⁨Say hello to Bary⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Thanks for the explanation, clears it up completely.
⁨Comment⁩ on ⁨Say hello to Bary⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
My friend is silly - he was thinking of smaller as in by mass, not by volume. Thanks for explaining it to him.
⁨Comment⁩ on ⁨Say hello to Bary⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
My dumb friend wants to know why adding more mass would make Jupiter smaller, can you help explain it to him?
⁨Comment⁩ on ⁨Leave it to a Bezos-owned company to confuse customers and mislead them for profit.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Premium includes the stories that are critical of Amazon and billionaires, which Bezos usually has pulled from circulation.

/s
⁨Comment⁩ on ⁨No justice, no peace.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Save 30 seconds by not having to find the correct shims and just use your handy screwdriver.

What’s the worst that could happen?
⁨Comment⁩ on ⁨Anon remembers a family guy cutaway⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Fun fact: Kurt didn’t own a gun, the shotgun he killed himself with was bought by his friend Dylan Carson of the band Earth. So, even in this silly story about Nevermind lyrics being taken literally, he wasn’t lying. The song was also years before the gun was bought. Unrelatedly, I am fun at parties.
⁨Comment⁩ on ⁨AI was a common theme at Gamescom 2025, and while some indie teams say it's invaluable, it remains an ethical nightmare⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Yep that’s absolutely not what people are talking about when they say ‘climate change’ in this context, they mean anthropogenic climate change, and you know it. Your bad faith response shows you have no interest in an honest discussion.