Popular Steam Wallpaper App Hijacked to Spread Dangerous Malware
Kaspersky said dozens of malicious wallpaper packages were downloaded thousands of times and could steal Steam credentials or install backdoors.
- Cybersecurity firm Kaspersky recently revealed that hackers have been distributing malware via Steam Workshop wallpapers for at least six months, targeting gamers with backdoors, infostealers, and ransomware through 'application wallpapers.'
- Wallpaper Engine, a desktop customization app with up to 50 million installs, supports interactive 'application wallpapers' that function as Windows executables, a vulnerability hackers have exploited to disguise malicious code.
- Attackers hide threats like Lumma and Vidar infostealers inside password-protected archives and install a custom version of "AggregatorHost.Dll." designed to search for and steal Steam account credentials.
- Valve removed the infected uploads following Kaspersky's report, but researchers warn that threat actors could easily re-upload new malicious content to the platform at any time.
- Experts recommend that users scan all Steam Workshop downloads with up-to-date antivirus software and stick to trusted creators when downloading custom content to avoid system compromise.
12 Articles
12 Articles
PSA: Steam's most popular PC background app was reportedly infected with malware via Wallpaper Engine's workshop
One of Steam Workshop's most downloaded apps, the Wallpaper Engine, has been reported as being weaponized by hackers and infecting its wallpapers with malware that can be used to hijack unsuspecting Steam users' accounts and steal their private info.
Steam users have received a new security warning after discovering a malware campaign distributed through Wallpaper Engine, one of the most popular desktop customization apps within Steam. The threat does not imply that Steam has been hacked or Wallpaper Engine is malware by itself, but attackers are abusing the Steam Workshop to upload seemingly legitimate wallpapers that actually include malicious code. According to Kaspersky, the campaign has…
Every day, many players use an application on Steam to create animated desktop backgrounds and load them to their PC. However, many of them currently contain malicious executable files. How does this get malware to the PC? With the popular app "Wallpaper Engine" users create and load dynamic backgrounds for Windows. Attackers tried to access account data from users while the program runs in the background. The problem: So-called "Application Bac…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
