US prosecutors have charged a Florida man with uploading fake video games containing malware to Steam, the popular PC gaming platform. Once victims downloaded and installed the games, the malware was designed to infect their computers, steal passwords and other data, and empty their crypto wallets. according to a criminal complaint.
On Tuesday, the FBI arrested Zyaire Wilkins, a 21-year-old Florida resident and student. On Wednesday, prosecutors charged him and several unnamed co-conspirators with piracy crimes. Over the past two years, Wilkins and his associates allegedly published several video games with malware on Steam, including BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi. Using this malware, the FBI says, Wilkins and his accomplices infected about 8,000 victims and then hacked about 80 cryptocurrency wallets to steal at least $220,000 worth of cryptocurrency.
Wilkins and the others marketed their malicious video games on Discord, LinkedIn and Telegram, authorities said.
Wilkins’ attorney did not respond to a request for comment.
In March, the FBI announced it was investigating a hacker suspected of using video games embedded with malware posted on Steam to hack victims. In the announcementthe bureau called on the people who downloaded the malicious games, which included those named in this week’s complaint, to come forward and provide evidence to help the investigation.
Over the past year, Steam developer Valve has removed several video games from its platform after they were found to contain malware, including PirateFi. All of the games were designed to look legitimate, to the point that players could install and play them, but they all contained malware.
After the FBI identified another person involved in the crimes, according to the complaint, federal agents interviewed them. The unnamed person said they worked with other people to raise money to release and market the malicious games in exchange for sharing some of the stolen cryptocurrency. The FBI identified a specific crypto account involved in the scheme and then traced cryptocurrency payments made to that account to purchase multiple gift cards, including Uber Eats. After subpoenaing Uber, the feds were able to see that the gift cards were linked to an account that made deliveries to Wilkins, which was called Sibel.eth online, according to the complaint.
The feds then obtained a search warrant for Wilkins’ residence, where they seized his MacBook laptop, cell phones, other devices and digital wallets. According to the complaint, he refused to talk or answer any questions.
When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.
