★ INSERT COINNOW PLAYING: VENTURESHIGH SCORE: $100M ARR★ NEW STAGE UNLOCKED: ABOUT MEPRESS START★ DEMO DAY 04:00:00
★ INSERT COINNOW PLAYING: VENTURESHIGH SCORE: $100M ARR★ NEW STAGE UNLOCKED: ABOUT MEPRESS START★ DEMO DAY 04:00:00
◀ BACK TO FEED
NEWSCYBERSECURITYJUL 17, 2026

Steam malware case shows how functional apps can hide crypto theft

US prosecutors say malware hidden inside functioning Steam games infected about 8,000 devices and helped steal cryptocurrency from dozens of wallets.

Steam malware case shows how functional apps can hide crypto theft

US authorities have arrested a 21-year-old Florida man accused of helping distribute cryptocurrency-stealing malware through games uploaded to Steam.

What happened

Prosecutors allege that the suspect and unnamed collaborators uploaded games that appeared functional but contained malicious code. The malware allegedly infected around 8,000 devices, compromised approximately 80 cryptocurrency wallets and enabled theft of at least $220,000.

Investigators reportedly linked the suspect partly through cryptocurrency used to purchase gift cards associated with an Uber Eats account. The allegations have not been tested at trial, and the defendant is entitled to the presumption of innocence.

The case concerns alleged abuse of a legitimate software marketplace rather than a simple phishing link or obviously fake application.

Why it matters

Users often assume that software listed on a major platform has passed basic security checks. Attackers can exploit that trust by building an application that performs its advertised function while quietly stealing credentials or wallet information in the background.

Cryptocurrency wallets are especially attractive because stolen assets can be transferred quickly and transactions may be difficult to reverse.

The bigger picture

The incident highlights a supply-chain problem for software marketplaces. Security review cannot focus only on whether an app launches or delivers its stated features; platforms also need behavioural analysis, developer verification and monitoring after release.

It also shows that criminals can still leave identifiable financial and account trails. For platforms, the lesson is to combine automated malware detection with stronger review of new developers and rapid response when suspicious behaviour appears.

#STEAM#MALWARE#CRYPTO THEFT#SOFTWARE SUPPLY CHAIN#CYBERCRIME