FBI Arrests Man Accused of Using Steam Games To Drain Victims' Crypto Wallets (techcrunch.com) 13
The FBI arrested a Florida man accused of uploading fake Steam games containing malware that stole passwords, data, and cryptocurrency wallet credentials from victims. Prosecutors say the scheme infected about 8,000 people, compromised roughly 80 crypto wallets, and stole at least $220,000 through games that appeared legitimate but secretly carried malware. TechCrunch reports: On Tuesday, the FBI arrested Zyaire Wilkins, a 21-year-old Florida resident and student. On Wednesday, prosecutors accused him and a number of unnamed co-conspirators of hacking crimes. Over the past two years, Wilkins and his partners allegedly published several malware-laden video games on Steam, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. Using that malware, says the FBI, Wilkins and his accomplices infected around 8,000 victims, and then hacked around 80 cryptocurrency wallets to steal at least $220,000 worth of crypto. Wilkins and the others marketed their malicious video games on Discord, LinkedIn, and Telegram, according to the authorities.
[...] After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to launch and market the malicious games in return for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme, and then traced cryptocurrency payments made with that account to buy several gift cards, including for UberEats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, who went by the nickname Sibel.eth online, according to the complaint. The feds then got a search warrant for Wilkins' residence, where they seized his MacBook laptop, cellphones, other devices, and digital wallets. According to the complaint, he refused to speak or answer any questions.
[...] After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to launch and market the malicious games in return for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme, and then traced cryptocurrency payments made with that account to buy several gift cards, including for UberEats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, who went by the nickname Sibel.eth online, according to the complaint. The feds then got a search warrant for Wilkins' residence, where they seized his MacBook laptop, cellphones, other devices, and digital wallets. According to the complaint, he refused to speak or answer any questions.
Caveat lessor (Score:3)
(I think this would make the charges more difficult to prove, but probably only enough to get him a better plea offer.)
Re: (Score:2)
He was so smart that he left a trail directly to himself.
Re: (Score:2)
consent to the wholesale appropriation of your data in the software license agreement
If you can find out which device my data is on, fine. But it's probably not on the same hardware or subnet as your filthy little game is.
Was it (Score:1)
The CEO of Steam/Valve?
Re: (Score:2)
His take is only 30%.
Why are games not run in sandboxes? (Score:3)
Why doesn't Steam or Windows run video games in their own sandbox?
Even Linux with proton does that or can do that.
Flatpak/snap has its issues with sandboxing but video games don't need to access external files.
Does it have to do with DRM?
What is the reason?
Re: (Score:2)
Proton does NOT sandbox.
It would be nice if steam did some kind of apparmor or something for games or itself, but there are times when games want to read stuff from the filesystem that seems unrelated.
Re: (Score:2)
there are times when games want to read stuff from the filesystem that seems unrelated
And what will they do if I say, "No"?
Re: (Score:2)
Maybe crash, maybe not.
Re: (Score:2)
And what will they do if I say, "No"?
Stupid question.
You are not even asked ...
Crypto wallet keys how stored? (Score:3)
How are people storing the keys to their crypto wallet?
How are people with $200k in their crypto not buying a hardware wallet? Or were they coinbase logins?
Re:Crypto wallet keys how stored? (Score:4, Informative)
Furthermore, why wouldn't you protect your stuff with MFA? Does coinbase not offer that? I'd likely not want to deal with any financial company that can't be bothered to have some kind of MFA.
Crypto is a bad joke anyway. Scammers robbing scammers.