Cryptojacking Case Caught on Steam!

Steam removed an indie game named “Abstractism” by Valve, a game developer company, famous for its digital distribution platform, after there were suspicions about it mining cryptocurrencies by using the players computers.

Speculations about the game rose when players noticed that the game put strange items on sold. In one occurrence, a player named PoorAsianBoy, while playing Team Fortress 2, bought an item, Strange Professional Australium Rocket Launcher which was in fact a replica of the original item of Team Fortress 2. This replica of the original item in the Steam market looked exactly similar to the original item, except that it did not work.

The player shared his story on a gaming platform, where this scenario caught the eye the YouTuber, SidAlpha, a channel that posts game play footage. SidAlpha along with some other gamers looked into the matter for weeks, trying to figure out what was going on. Finally, this Sunday, on the 29th of July 2018, SidAlpha spilled the beans in his YouTube video.

On investigation, SidAlpha came across 190 items that were produced by Abstractism, many of which were just trolling items. SidAplha also came to the fact that the game had also been accused of both containing a virus and being a crypto miner. After installing the game himself, he ran a scan on the suspicious executable files of Abstractism, and discovered that the files contained a Trojan virus which allowed remote execution of commands.

The execution file of Abstractism triggered Windows Defender alerts, and tripped anti-virus software. The source of the resource-hogging and malware alerts, as believed, was malicious software embedded in the game that allegedly hijacked their machines and looped them into a cryptocurrency mining operation.

It was also noted that the game took a lot computer power regardless of being a simple 2 D game of moving blocks. When the issue was taken on discussion forums where the game was suspected to have been mining for cryptocurrencies, the developer of the game, okalu.union replied:

“Abstractism does not mine any of cryptocurrency. Probably, you are playing on high graphics settings, because they take a bit of CPU and GPU power, required for post-processing effects rendering.”

In another reply, to one of claims that Abstractism mines cryptocurrencies, okalu.union replied:

In his further investigation, SidAlpha found out that on 23rd of July, Abstractism released a feature via which the game would have scheduled item drops. According to the guidelines:

  • Drop time is dynamic and increases after each drop (you need 15 minutes to receive the first drop, 30 minutes for the second drop, 60 minutes for the third drop and so on)
  • You receive more rare items if your playtime is long (“60 minutes” item drops are better than “15 minutes” drops)
  • You can get up to 7 items every week before the drops stop
  • Drops limit resets on friday and you should be in game to allow Abstractism reset it
  • Special items can be dropped on special occasions! It could be worth playing Abstractism on popular holidays

This made SidAlpha cynical, who after his research said that the item drop times were designed in a way as to mine cryptocurrencies.

Following SidAplha’s video on Sunday, Valve removed the game from Steam on Monday, July 30.

“We have removed Abstractism and banned its developer from Steam for shipping unauthorized code, trolling with content, and scamming customers with deceptive in-game items,”

A Valve spokesperson told Motherboard in an email

However according to Motherboard, Valve did not speak to the nature of the unauthorized code and did not respond to questions about it being cryptocurrency mining software.

SydAlpha aslo talked to Motherboard on Skype, where he said:

“There’s been a couple of instances in the past where there’s been a crypto miner or some form of virus [in a Steam game] but that’s been extremely rare,”

However, last year, players of the popular game, Fortnite were scammed into downloading cryptocurrency mining malware, disguised as cheats for the game.

Scamming is not new to the gaming industry. Selling counterfeit digital goods on the grey market is an updated version of an old scam involving Steam’s digital trading cards. Valve cracked down on the old scammers, but as Abstractism proved to be more clever and found a new way to make money.

In his video SidAlpha also said that gamers need to be careful with such scams and share and report if they find such suspicious activity. Further emphasizing on how important diligence is, especially when games are highly susceptible to such activities. There is no knowing how many players became victims of Abstratisms’ plot, however, according to Steamspy – a site that mines information about Steam games, some 6,000 users have downloaded the game.

Qirat Ayaz

Passionate about robots and how the robotics is changing everything around us. Writes about startups in the blockchain space. Contact the editor at editor.startups@blockpublisher.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.