The U.S. Federal Bureau of Investigation (FBI) has expanded its investigation into a malware case distributed through the global game platform Steam and is publicly collecting victim information. The FBI Seattle Field Office recently announced through a notice that some games registered on the Steam platform between May 2024 and January 2026 may have contained malware, and stated it is conducting work to confirm whether users who may have installed those games have been affected.
Investigative authorities have confirmed the possibility that at least 7 games were distributed with malware embedded, and requested that users provide related information for victim identification. This incident is evaluated as a cybercrime case using a global game platform, simultaneously exposing issues in the gaming industry and digital platform security.
According to the FBI's disclosed investigation, the attackers appear to have created content that looked like normal games, registered them on the Steam platform, and then induced users to download them. During the game installation process, malware is simultaneously executed, and it is being investigated that there is a possibility of system information or personal information being stolen.
A total of 7 games have been confirmed as possibly containing malware during the investigation process. The FBI stated it is investigating the possibility that BlockBlasters, Chemia, Dashverse (DashFPS), Lampy, Lunara, PirateFi, and Tokenova were distributed with malware embedded. The current core stage of the investigation is the process of confirming who the actual victims are, and the FBI is requesting active information provision from users who may have installed those games.
Security experts analyze that this incident is highly likely to be a representative software supply chain attack case that exploited a game platform. Supply chain attacks are a method of distributing malware using platforms or programs trusted by users, and is a strategy increasingly used in recent cyberattacks.
The attack method presumed in this incident follows a relatively typical supply chain attack structure. The attackers first create programs that look like normal indie games and register them on the platform. They then induce users to download those games, and execute malware during the installation process. As a result, there is a possibility that user system information or account information is transmitted to the attackers.
The FBI believes the primary targets of this attack are likely young users. In particular, PC game users, indie game download users, and underage gamers are being raised as likely primary victims. In fact, the FBI notice also included a request for parents to check whether those games were installed on their children's PCs.
The FBI is currently investigating this case as a federal crime and is proceeding with victim identification work. If confirmed as a victim, victim support services, consideration of compensation possibilities, and legal rights guidance may be provided. The FBI also emphasized that victim identities will be thoroughly protected.
Regarding the investigation, the FBI is requesting that users with information about the case contact them through the following email.
Cybersecurity experts analyze that this incident shows that game platforms are emerging as a new attack vector. There are three main reasons why game platforms are attractive attack targets for hackers.
The first is user scale. Steam is a large platform with hundreds of millions of users worldwide, and attackers can access a large number of users through a single platform.
The second is the executable file-centered download structure. During game installation, executable file downloads and requests for system access permissions naturally occur. This structure may provide an environment advantageous for hiding malware.
The third is the indie game ecosystem. On platforms like Steam, many small-scale developers can register games, so it can be realistically difficult to perfectly verify all content. This structure has the advantage of vitalizing the creative ecosystem but can simultaneously act as a factor increasing security risks.
The FBI recommended that users comply with basic security guidelines. In particular, it emphasized being cautious about requests requiring personal information online, and being wary of investment solicitations or services claiming to recover money. It also urged caution regarding cyber fraud methods that demand additional fees. Cybercrime victims can report through the FBI Internet Crime Complaint Center.
This incident may also extend beyond a simple hacking case to the issue of platform security responsibility. Today, various digital platforms including app stores, game platforms, and online markets distribute numerous programs and content. Debate is growing about how far platforms must verify content in this process.
In particular, the fact that the cost of creating malicious software has decreased significantly with the development of AI and automation technology is also pointed out as a new security threat. Malware creation that required high technical skills in the past can now be accomplished much more easily through automated tools.
This Steam malware incident shows that game platforms are becoming part of the cybersecurity battlefield, not simply entertainment spaces. Game downloads are now directly connected to digital security issues that go beyond simple hobbies to potentially affect users' PCs, personal information, and even financial information.
As the platform economy grows and the speed of digital content distribution accelerates, security responsibility for platform operators will become an increasingly important issue going forward.
