Warning: Scammers Are Hiding Malware Behind Fake Steam Pages

Warning: Scammers Are Hiding Malware Behind Fake Steam Pages

Be careful what you click. You might think you’ve found a cool-looking new game on Steam, but it could be computer-infesting malware in disguise. Yeah, scammers are imitating entire game pages now.

Over the weekend, the makers of psychedelic adventure game Octopus City Blues were surprised to discover a perfect copy of their Steam page (warning: the “demo” download on that page contains malware) sitting in the “concepts” section of Steam. Name, trailer, screenshots, description — everything. There was, however, one big difference between the eight-legged clone and developer Ghost In A Bottle’s original slab of steamed cephalopod: updates that advertised an exciting new demo. Seven levels! An hour of playtime! They even mentioned the game’s very not-fictional Kickstarter. Clearly, these jerks did their homework.

Clicking the link, obviously, is a terrible idea. It goes to a malware-ridden download site. As soon as Ghost In A Bottle caught wind of this, they reported it to Valve and asked their fans to do the same. Days later, however, the page is still up, as is the extremely deceptive malware link. Nothing has changed.

“I reported the page and mentioned that I’m the creator of the original Greenlight page, and asked fans to report it as well, but it’s still up as you can see,” Octopus City Blues designer Firas Assaad told me via email. “There were a few comments on the fake page warning people, but it seems that they were deleted. If it stays up I might send a DMCA complaint since companies take them more seriously.”

This is not the only instance of this occurring recently, either. The makers of beat-’em-up Street Fist 2 have reported similar troubles:

Meanwhile, the creator of the fake Octopus City Blues page has one other game listed in Steam’s concepts section. This one is an illicit copy (warning: do not click the public beta download on that page) of RPG Garlock Online‘s page, and it advertises a public beta that, predictably, leads to a malware link. That one appears to have been up in various forms since late-March.

So yeah, be careful. It seems like people are out to take advantage of the fact that Valve isn’t doing much about this type of scam yet. I’ve requested comment from Valve, but as of publishing time they hadn’t replied. Here’s hoping they squash this scam faster than they have squashed, er, all the others, though.

Update: A similar incident occurred last month with multiple Steam Greenlight (as opposed to Steam Concepts) entries. Valve’s community moderators handled that problem after Valve caught wind of the issue. Here’s hoping the same happens here, sooner rather than later. Clearly, though, a long-term solution is needed.


  • I’m very surprised and somewhat concerned that this article links to the scam pages. In this day and age, people should be made very aware that going near any kind of scam site or page can potentially affect you, even if you don’t click on anything. Using hidden iFrames is a very popular technique to implement XSS or load Java based trojans (If you are one of the few who still use it) without you being aware. I’m not sure how much leeway authors have in their Steam page content but it’s better to stay away anyway.

    In summary, if you know a site is a scam the best thing to do is stay well away from it and don’t click any link to it, regardless of assurances that you will only be affected if you click something on the page.

    • Yeah I have to say that providing links is definitely not a wise move. If you want to show people how authentic looking the fakes are, screenshots or videos taken from a sacrificial machine that you either thoroughly scrub are a better move that won’t screw up people who click for curiosity’s sake and don’t know how to correct potential infections.

Show more comments

Comments are closed.

Log in to comment on this story!