Steam alert: free-to-play BlockBlasters was hiding malware

  • Valve removed BlockBlasters from Steam after detecting malicious code that stole crypto and data.
  • The attack came to light when a streamer lost $30,000–32,000 live.
  • The malware was activated with a patch released on August 30 and bypassed filters for weeks.
  • Researchers and the community (ZachXBT, vx-underground, G DATA) raised the alarm about the scam and tracked its tactics.


A free game published on Steam, BlockBlasters, was removed after it was confirmed to include malware capable of emptying cryptocurrency wallets and harvesting sensitive data. It remained accessible for several weeks, with positive reviews that were apparently fake, before the platform acted.

The case came to light following a live stream in which the creator of RastalandTV, who is undergoing treatment for Stage 4 sarcoma, saw more than $30,000 disappear from his funds in a matter of minutes. Investigators such as ZachXBT and the collective vx-underground amplified the alerts, and the title came to be considered a "suspicious app" before its removal.

What happened to BlockBlasters

BlockBlasters, attributed to the studio Genesis Interactive, was launched in late July as a free-to-play title with a retro aesthetic. On the surface everything looked normal, but on August 30 an update arrived that changed the picture: that post-release patch activated a cryptodrainer and information-theft tools on the computers of those who installed it.

Since then, the security community and various media outlets began to detect that the title was aimed not only at crypto wallets, but also at browser cookies, Steam sessions, and possibly payment data. SteamDB marked it as suspicious, and G DATA reported the abnormal behavior days before the attack on the streamer was made public.


How the malware operated and the timeline

The investigation indicates that the malicious component was introduced through a post-release patch, disguised as just another update. When the game started, scripts and executables were run that collected information from the system, tried to evade antivirus software, and sent the data to external servers.

Among the technical clues that have been circulated are batch and binary files that acted as backdoors, as well as password-protected archives used to make detection harder. The result was a silent theft while the user thought they were trying out an innocent platformer.
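As an illustration of how a defender could triage for the behaviour described above (scripts and executables run when the game starts, batch files, password-protected archives), the following added example walks process-creation events and flags script or archive activity inside a game's process tree. It is not code from the original article or from any of the researchers mentioned; the event format, the use of the 7-Zip command line, and every path and file name in it are assumptions constructed for the example.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcEvent:          # assumed shape of a process-creation record
    pid: int
    ppid: int
    image: str
    cmdline: str

GAME_DIR = re.compile(r"\\steamapps\\common\\", re.I)   # Steam library game folders
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe"}
ARCHIVERS = {"7z.exe", "7za.exe"}                       # assumption: 7-Zip CLI
BATCH_ARG = re.compile(r"\.(bat|cmd)\b", re.I)
PASSWORD_ARG = re.compile(r"(?:^|\s)-p\S+")             # 7-Zip -p<password> switch

def find_suspicious(events):
    """Return (pid, reason) for script/archive activity inside a game's process tree."""
    tree, names, alerts = set(), {}, []
    for ev in events:                                   # events ordered by time
        names[ev.pid] = ev.image.rsplit("\\", 1)[-1].lower()
        in_tree = ev.ppid in tree
        if in_tree or GAME_DIR.search(ev.image):
            tree.add(ev.pid)                            # descendants inherit membership
        if not in_tree:
            continue                                    # the game binary itself is not an alert
        name = names[ev.pid]
        if name in SCRIPT_HOSTS and BATCH_ARG.search(ev.cmdline):
            alerts.append((ev.pid, "batch script run from game process tree"))
        elif name in ARCHIVERS and PASSWORD_ARG.search(ev.cmdline):
            alerts.append((ev.pid, "password-protected archive opened"))
        elif names.get(ev.ppid) in SCRIPT_HOSTS:
            alerts.append((ev.pid, "executable started by script host"))
    return alerts

G = r"D:\SteamLibrary\steamapps\common"
SAMPLE = [  # constructed events; every path and file name is made up
    ProcEvent(100, 1, r"C:\Program Files (x86)\Steam\steam.exe", "steam.exe"),
    ProcEvent(200, 100, G + r"\ExampleGame\ExampleGame.exe", "ExampleGame.exe"),
    ProcEvent(210, 200, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c game\update.bat"),
    ProcEvent(220, 210, r"C:\Program Files\7-Zip\7z.exe", "7z.exe x assets.zip -pEXAMPLE"),
    ProcEvent(230, 210, G + r"\ExampleGame\helper.exe", "helper.exe"),
    ProcEvent(300, 100, G + r"\OtherGame\OtherGame.exe", "OtherGame.exe"),
    ProcEvent(310, 300, G + r"\OtherGame\crashhandler.exe", "crashhandler.exe"),
    ProcEvent(400, 1, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c C:\tools\backup.bat"),
]

if __name__ == "__main__":
    print(find_suspicious(SAMPLE))
```

Some legitimate games ship batch launchers, so hits from a heuristic like this are a reason to look closer rather than proof of compromise.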

The victim who uncovered the fraud

The episode that changed everything was the live broadcast of RastalandTV, who agreed to try the game after being contacted by a third party. Minutes after installation, his wallet was emptied, resulting in a loss estimated at between $30,000 and $32,000. The scene, broadcast live, demonstrated the true extent of this type of deception.

The community and researchers reacted quickly. Amplification from profiles like ZachXBT and vx-underground's posts helped the incident gain traction, and Valve proceeded to remove the store listing. By then, the game had been on the charts for over a month with 86% positive reviews, allegedly inflated with bots.

“A streamer was the victim of a live crypto drain campaign,” summarized vx-underground when reporting the case, emphasizing that the title had remained active on Steam while the malware did its work.

Valve's response and ignored signals

Valve has filters and processes in place to stop malicious content, but reviewing each patch and each build is complex on a platform with thousands of releases. In this case, there were early warnings: G DATA reported the risk and SteamDB flagged it as suspicious, yet the game was not immediately removed.

The company removed BlockBlasters when the scandal had already broken, and although the backlash cut off distribution, the damage was already done. The incident reopens the debate on prior controls and on the abuse of manipulated reviews to generate artificial trust.

How to protect yourself against similar cases

With the increase in scam attempts in the form of "games" or malicious patches, it is advisable to exercise extreme caution, especially with little-known or recent titles.

  • Be wary of projects with no verifiable presence on the web or social networks, and of suspiciously uniform reviews.
  • Keep your browser, antivirus and Steam up to date; if you've tried BlockBlasters, change your passwords and enable 2FA.
  • For crypto assets, consider using cold wallets and segmenting funds to minimize the impact.
  • In case of any unexpected update, check permissions and the source of the installer before running.

The BlockBlasters case illustrates the extent to which a seemingly harmless patch can creep into the daily life of a massive platform. Between early warnings that didn't arrive in time, fake reviews, and a victim who suffered it live, there's a sense that there's room to strengthen controls and, above all, for users and creators to adopt more prudent habits against downloads and links that promise “free games.”
