Malicious gift: Christmas mod for Steam game hides Epsilon Information Stealer.

January 1, 2024
1 min read

Over Christmas, attackers gained access to the Downfall developer’s Steam account and compromised game downloads with a piece of malware called Epsilon Information Stealer. The malware was distributed through a mod on Steam for the indie game Slay the Spire. It infected the prepackaged standalone modified version of the mod, not the mod installed via Steam Workshop. The malware can steal passwords from internet browsers, cookies, Discord, Steam, and Telegram. The developer of Downfall recommends that affected users change their passwords and ensure their live protection is active. It’s important to use two-factor authentication for added security. This incident highlights the rise in information-stealing malware being spread through game community mods.

Latest from Blog

Janet L Rathod is the new CISO at Johns Hopkins

TLDR: Janet L. Rathod named chief information security officer at Johns Hopkins, bringing over two decades of experience in cybersecurity. Rathod has previously worked at Citigroup, Capital One, and the FBI, and