Things are getting Twitchy

For all those Twitcher’s out there (myself included), you/we may want to be more vigilant as to what exactly we click on in the platform. It’s seems a new string of malware is spreading through Twitch’s chat feature with the aim of receiving clicks to suck an attached Steam account of funds according to security software maker F-Secure.

Spreading

Essentially, the malware is designed to spreads through messages posted to Twitch chat that promote unsuspecting users into entering a weekly prize draw. Once clicked, the link will open up a Java program will then present a false prize entry form.

If filled out and submitted the form (which, according to F-Secure, doesn’t actually get sent anywhere), the malware becomes active. Basically, the malware installs and runs a Windows binary which then forces access to your Steam account. Once in your account it will add additional friends, make and accept friend requests, trade your items, and even sell your items in the Steam market at a reduced price.

Wipe out

The malware will without doubt “wipe your Steam wallet, armoury, and inventory dry,” according to F-Secure. By selling your items at a discount on the Steam Market the attacker can sell anything he/she doesn’t like from your account and then buy themselves things they want.

The reason this has gone undetected until know is that because all this happens on your own system, it manages to swerve Steam’s security measures that prevent other unwanted visitors from logging into your account from another PC.

Recent events

Hours ago Twitch has announced that it has since managed to block the known link to the malware. But, Twitch still advice users to avoid clicking on anything they don’t recognise.

Twitch also state that users have the ability to block links from appearing in its chat facility, which can prevent others from posting malicious links.

Have you seen any suspicious looking links or even clicked on them in Twitch? Let me know.