Hackers Are Using Steam Desktop Wallpapers To Steal Windows Logins

steam live wallpaper malware hero
Researchers at security firm Kaspersky are warning Steam gamers to be on guard, as threat actors have started to distribute malware on Valve's platform via infected live wallpapers. This campaign displays just how creative hackers are getting these days to target victims as platforms become more locked down, even as users are wiser to online dangers.

Live wallpapers are created using the Wallpaper Engine app, which is a legitimate piece of software available on Steam. Users have a wide array of choices for how they make these animated wallpapers, including using video formats, HTML and CSS, or even full-fledged apps. The animated wallpapers created using this app are then shared by its sizeable community using the Steam Workshop.

steam live wallpaper malware body
One of the malicious wallpapers. Image by Kaspersky

The 'app wallpapers' are the kinds being deployed by threat actors, as it enables the execution of malicious code on a victim’s computer. Once a user launches the wallpaper everything will appear to be normal, but in the background the app will begin to install a backdoor such as DarkKomet or run malicious scripts.

Once the malware is installed on a machine it will first make a beeline for the user’s Steam credentials and immediately attempt to hijack the user’s account. Once the account has been taken over, the hackers will use it to upload even more infected wallpapers to further spread malware. Additionally, any valuable user data collected is sent back to a server controlled by the threat actors.

Users should always be mindful of what they’re installing on their systems regardless how trusted the source might be. As one of the researchers notes, "trusted platforms can be abused to distribute malware: the attacks rely on users trusting content hosted within legitimate ecosystems.” It’s something that will likely become more common going forward as other methods of compromising devices becomes less effective.
Alan Velasco

Alan Velasco

When Alan isn’t watching his favorite streamers on Twitch he’s writing about tech, gaming and cybersecurity.
 
Opinions and content posted by HotHardware contributors are their own.