Infected Steam game "BlockBlasters" downloads crypto stealer malware

Description

A 2D platformer game called BlockBlasters on Steam has been infected with malware disguised as a patch. The malicious update, released on August 30, 2025, contains files that exhibit multiple malicious behaviors, including stealing crypto wallet data and other sensitive information from users' PCs. The infection process involves multiple stages, including a trojan stealer batch file, VBS loaders, and the main payload consisting of a backdoor and the StealC stealer malware. The campaign affects hundreds of players who have installed the game. The malware collects IP and location information, detects installed antivirus products, gathers login credentials, and uploads data to command and control servers. The game has since been removed from Steam, but not before causing significant damage to unsuspecting users.