The FBI is looking for victimized Steam users who downloaded games with hidden malware — Investigation underway into multiple infected titles from 2024 to 2026
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
You are now subscribed
Your newsletter sign-up was successful
An account already exists for this email address, please log in.
Subscribe to our newsletter
The Federal Bureau of Investigation (FBI) has seemingly launched, or at least made public, a new investigation into malware-ridden fake games on Steam. Anyone who installed and played one of these games between 2024 and 2026 was likely affected, and the FBI is urging them to come forward. Victims of these malware-embedded titles will help with the investigation and be kept completely confidential.
There are several games part of this list, including Chemia, Dashverse / DashFPS, Lampy, Lunara, PirateFi, Tokenova, and BlockBasters. Most of these have their own dedicated stories from the time they were released, and stole victim info and compromised their accounts. BlockBasters is the most high-profile mention here as the game exfiltrated $32,000 worth of cancer donations from a streamer last year.
Moreover, pretty much all of these games — and likely more that the FBI didn't explicitly name — are crypto scams that drain your wallets once launched. Most people are logged into every website on their browser, which only makes the perpetrator's job easier as the automated attack ransacks everything. Even your Steam account will be hijacked, and you might lose access to your library.
Article continues below
The frequency of these thieving games has only gone up in the past few years despite Valve's efforts to regularly combat them. It's likely that the influx of new releases overpowers the vetting system, letting a few bad apples through. In some cases, subsequent updates or patches introduce the malware, letting the base game pass Steam's checks. That's why it's important to provide any relevant info that can help the authorities catch and/or prosecute these criminals under federal law.
You can fill out the "Seeking Victim Information" form on the FBI's website if you've been affected. If you know someone else who was targeted by these fake, malicious Steam games, then send an email to Steam_Malware@fbi.gov. In any case, the process is entirely voluntary, but if you choose to step up, you might be followed up with later based on your responses.
Hassam Nasir is a die-hard hardware enthusiast with years of experience as a tech editor and writer, focusing on detailed CPU comparisons and general hardware news. When he’s not working, you’ll find him bending tubes for his ever-evolving custom water-loop gaming rig or benchmarking the latest CPUs and GPUs just for fun.
That's a poor analogy, one is opt-in with terms and conditions while the other is neither.
I would not hang a hat on such a specious coat rack.
When Google introduces the world to a plainly stated, 20-word-or-less terms and conditions then let's see.
Right now these Terms and Conditions contracts with the check box at the bottom are usually a billion words long, so who of the users actually know that at paragraph 126 thousand there's a clause there that says you legally allow them to do spyware?
Let's see Google do a five word Terms and Condition agreement:
"We will spy on you."(Click here if you agree)
Yeah. No. Ain't happenin. They bury it deep and hide it behind flowery language. Oh its telemetry, oh its for your own good, oh its for a personal experience. See! We spy on you to help you! I think George Orwell wrote something like that.
Unless gaben automates the inspection of games submitted, they are going to have problems, since their workforce is very small indeed. Prolly no more than 200 people in charge of a company that takes in billions, is the number one digital distribution platform for games and releases on the order of 20.000 games a year.
Since 2020 their releases have doubled to 20k. How do you keep track of 20.000 games to make sure that they are not doing your users any harm?
And to do all of the above post release as well?
Just in the last few years alone stories keep cropping up about steam hosting malware itself as well as selling games that are loaded with malware or worse. This is just the latest in a string of bad news for steam. They are also being sued by the US government now for their loot boxes. Me thinks they dont have a leg to stand on as they are gambling and kids should not be doing that. Your view may differ
