FBI Seeks Info in Steam Malware Investigation

The Steam platform has become the focus of a growing federal investigation after malicious software was discovered inside several games distributed through the marketplace. The Steam malware investigation is being handled by the FBI’s Seattle Division, which is now attempting to identify individuals who may have installed infected titles between May 2024 and January 2026.

According to a public notice issued by the bureau, investigators believe several indie games available through Steam contained embedded malware capable of compromising the computers of players who downloaded and launched them. The FBI is asking affected users, or parents of minors who may have installed the games, to submit information that could assist in identifying victims and determining the scope of the campaign.

The titles identified in the investigation include BlockBlasters, Chemia, Dashverse (also known as DashFPS), Lampy, Lunara, PirateFi, and Tokenova. Authorities believe these games were distributed through Steam during the roughly twenty month window between May 2024 and January 2026 before the malicious activity was discovered.

Steam Malware Investigation Targets Seven Games

The FBI says the malware was embedded directly inside the game software packages distributed through the Steam platform. Once installed, the malicious code could execute alongside the legitimate application, allowing attackers to operate in the background without the user’s knowledge.

Investigators have not yet publicly identified the threat actor responsible for distributing the infected games. It also remains unclear whether all seven titles were part of a single coordinated campaign or if multiple developers were involved.

The games currently named in the Steam malware investigation include:

• BlockBlasters
• Chemia
• Dashverse / DashFPS
• Lampy
• Lunara
• PirateFi
• Tokenova

Anyone who installed one of these titles during the affected timeframe is being asked to contact investigators. The FBI says the information collected may help determine how the malware operated and how many users were impacted.

How Malware Can Be Distributed Through Game Platforms

Digital distribution platforms like Steam host tens of thousands of games from developers around the world. While major studio titles undergo extensive review and testing, smaller independent projects are often published through faster submission pipelines that allow developers to release games more quickly.

That open publishing ecosystem has helped expand the independent gaming market, but it can also create opportunities for malicious actors. If malware is embedded within game files before release, the software may be distributed to thousands of users before the issue is detected.

In many cases the game itself launches and appears to function normally while the hidden malware executes silently in the background.

Malicious software hidden in games can perform a wide range of actions depending on how it was designed. Common capabilities include:

• Stealing saved browser passwords and authentication cookies
• Extracting cryptocurrency wallet information
• Collecting Discord or gaming platform account tokens
• Capturing system data and hardware identifiers
• Downloading additional malicious payloads
• Allowing attackers remote access to the infected device

Because these processes occur behind the scenes, users may not realize their system has been compromised until accounts are hijacked or credentials appear in underground marketplaces.

FBI Seeks Victims to Determine Scope of Attack

The FBI says identifying victims is a required step in federal investigations involving cybercrime. Individuals who submit reports may be contacted by investigators for additional information about their systems, download history, or suspicious activity experienced after installing the games.

Authorities are particularly interested in determining:

• How widely the infected games were downloaded
• Whether the malware successfully stole data from victims
• If additional infected titles were distributed beyond the currently identified games
• Whether the campaign was operated by a single threat group

Victim identities submitted to the FBI will be kept confidential. The bureau notes that affected individuals may be eligible for certain victim services or protections under federal or state law depending on the outcome of the investigation.

Risks for Players Who Installed the Games

If the malicious software functioned as an information stealing tool, victims may face long term security risks even after the game itself is removed from their systems.

Stolen credentials and authentication tokens can allow attackers to access email accounts, gaming platforms, cryptocurrency wallets, and other online services. In some cases the data is packaged and sold in underground cybercrime markets where other attackers purchase access to compromised accounts.

Individuals who believe they may have installed one of the affected titles should take several precautionary steps:

• Remove the game from their system
• Run a full malware scan using trusted security tools
• Change passwords for Steam and other important accounts
• Enable multi factor authentication where available
• Monitor financial accounts and cryptocurrency wallets for suspicious activity
• Watch for login alerts from email, gaming, and social media platforms

Using reputable security software such as Malwarebytes can help detect malicious files and identify lingering threats on affected systems.

The Steam malware investigation highlights the security challenges facing large digital marketplaces that distribute software at massive scale. Platforms hosting thousands of titles must balance accessibility for developers with safeguards designed to protect users from malicious code.

While incidents involving malware hidden inside games remain relatively rare compared to other software threats, they can spread quickly because game downloads often involve large user communities and automated updates.

Security researchers frequently warn that attackers will continue exploring software distribution platforms as potential delivery channels for malware, particularly when those platforms allow independent developers to publish content rapidly.

The FBI’s investigation is ongoing as authorities attempt to identify victims, analyze the malicious code involved, and determine who was responsible for distributing the infected games.