CS2 fans targeted by Streamjackers — viewers swindled out of crypto and Steam valuables
Some fake live streams on remodeled hijacked accounts had 10,000+ watchers.

Cybercriminals are targeting the Counter-Strike 2 (CS2) community with streamjacking scams. According to Bitdefender Labs researcher Ionuț Băltăriu, these targeted attacks, using hijacked and faked eSports streamer accounts as trusted vectors, have been behind a spate of "stolen Steam accounts, cryptocurrency theft, and the loss of valuable in-game items."
Streamjacking attacks that can scam crypto from innocent gamers may sound rather futuristic. Still, the concept behind the con is pretty old – impersonating a trustworthy entity to get a victim to part with their valuables. In this case, the pattern behind the con trick was broken down step by step by Bitdefender, as follows:
- Scammers find legitimate YouTube accounts with existing subscriber bases that they can compromise and take over.
- After gaining account control they can rebrand a channel to impersonate well-known eSports streaming pros like "Oleksandr 's1mple' Kostyljev, Nikola 'NiKo' Kovač, or 'donk'," reports Bitdefender. The rebranding includes populating the channel with various old and looped streams.
- Once set up, the scammer then begins malicious live streams, looping old gameplay of the impersonated streaming pro.
- Scammers invite viewers to participate in live streaming events which include fake CS2 skin and cryptocurrency giveaways, observed Bitdefender. Specially tailored QR codes or fraudulent links are shared.
- Now for the payoff – victims are asked to log in with their Steam account for their free loot, or send crypto so it will be 'doubled'.
Anyone who gets reeled in past the Steam login or crypto-doubling scam stage will get ripped off. Their Steam accounts will be open to looting of valuable skins and items. Their crypto, which they hoped to be doubled, will never be returned.
Bitdefender says that the CS2 community has been the most prominent target of these scammers - but it is a massively popular competitive game with 26 million registered players (January 2025). It also notes that the popularity of prestigious recent eSports events like IEM Katowice 2025 and PGL Cluj-Napoca 2025 was exploited by the digital thieves. For example, fake live streams were themed or timed to coincide with these events, backed up with fake community posts and controlled comments.
The Bitdefender blog rather helpfully shares some advice to help gamers stay safe from potential digital deceivers. It is often good to be reminded of what may seem obvious telltale signs of skulduggery, so be super skeptical of: too-good-to-be-true offers, suspicious links and QR codes, or unfamiliar streaming channels. Folk should also set up Steam Guard and MFA, says the cyber security company. Last but not least, Bitdefender also recommends its Scamio (Discord) and Link Checker tools – which it says would flag the above attempts at grabbing your digital goods as "likely a scam."
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Mark Tyson is a news editor at Tom's Hardware. He enjoys covering the full breadth of PC tech; from business and semiconductor design to products approaching the edge of reason.
-
Shiznizzle "I got hacked"Reply
Is what you will read on the steam forums but upon digging they actually were dumb enough to give the log-in details away.
Very rarely does an account actually get hacked on steam.
Fraud is a serious business since they are able to con people out of billions of dollars a year. It pays cos idiots cant help themselves.
The "gimmie-it-now" culture of that "certain" age group that grew up while the net was spreading all too often fall for these tricks.
The difference between them and me is this. I see something drastically wrong with somebody wanting my steam log-in details. They dont.