The FBI's Seattle Division has launched a public call for victims after identifying seven Steam games embedded with malware that stole cryptocurrency and credentials from players over roughly two years.

The Games

The FBI listed the following titles as suspected malicious: BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova. Anyone who installed these games between May 2024 and January 2026 may have been affected. The FBI is asking victims to report at Steam_Malware@fbi.gov.

How the Attacks Worked

The games were functional enough to pass as real products but acted as Trojans — installing infostealers that harvested browser credentials, cookies, and cryptocurrency wallet data in the background.

BlockBlasters, a free 2D platformer, had cryptodrainer malware silently added after its initial clean upload. The attack was exposed mid-stream when content creator Raivo Plavnieks (RastalandTV) lost over $32,000 from his crypto wallet while live. Blockchain investigator ZachXBT estimated total losses at approximately $150,000 across 261 accounts.

Chemia, a survival crafting game, was linked to the threat actor EncryptHub — the same group responsible for breaching over 618 organizations. It deployed the HijackLoader, which fetched both the Vidar infostealer and a custom tool called Fickle Stealer.

PirateFi also distributed Vidar and was available on Steam for about a week in February 2025 before removal. Up to 1,500 users may have downloaded it.

What to Do

The FBI's questionnaire focuses on cryptocurrency transactions, compromised accounts, and stolen funds. Valve has not publicly responded to the investigation.

Anyone with information can also contact the FBI via the dedicated tip form at forms.fbi.gov.