cross-posted from: https://programming.dev/post/37902936
- Forensic report compiled by the research collective behind the takedown of Block Blasters— Credit: 1989 on X/Twitter.
- G DATA Report.
For anybody wondering what is going on with $CANCER live stream… my life was saved for a whole 24 hours until someone tuned in to my stream and got me to download a verified game on Steam
After this I was drained for over 32,000$ USD of my creator fees earned on pumpdotfun and everything quickly changed. I can’t breathe, I can’t think, I’m completely lost on what is going to happen next, can’t shake the feeling that it is my fault that I might end up on the street again or not have anything to eat in a few days… my heart wants to jump out of my mouth and it hurts.
I won’t rewatch this myself but I have added a clip from the stream after I noticed what has happened.
Also I have successfully (CTOed) my creator rewards and they have been redirected to a safe device.
Source: rastaland.TV on X/Twitter— Private front-end.
More context:
Yesterday a video game streamer named rastalandTV inadvertently livestreamed themselves being a victim of a cryptodraining campaign.
This particular spearphishing campaign is extraordinarily heinous because RastaLand is suffering from Stage-4 Sarcoma and is actively seeking donations for their cancer treatment. They lost $30,000 of the money which was designated for their cancer treatment. In the stream clip their friend tries to console them while they cry out, “I am broken now.”
They were contacted by an unknown person who requested they play their video game demo (downloadable from Steam). In exchange for RastaLand playing their video game demo on stream, they would financially compensate them.
Unfortunately, the Steam game was actually a cryptodrainer masquerading as a legitimate video game.
Source: vx-underground on X/Twitter— Private front-end.
Source: ZachXBT on X/Twitter— Private front-end.
Comments
People keep saying $32k was stolen by malware. No, that did not happen. Malware did not reach into someone’s bank account and withdraw $32k. Here is a simple fact. Crypto is not money. If your brain says something like “it works just like money, or it’s worth just as much as money so it’s basically money” then you’re most likely to get scammed at some time in the future by putting your actual real money into crypto. It’s that simple.
No discussion, it is super shitty that someone stole the money.
But the real scandal is, that anybody needs to raise money, to get a cancer treatment.
America is the only country where this could occur, look yourself in the mirror…
At this point people should not keep substantial amounts of crypto on their main PC anymore. Either get a hardware wallet or an old smartphone or other device to dedicate to that purpose and not install anything else on it.
Yeah, like 100% not to victim blame, but that is what not to do 101
Maybe don’t raise money for your cancer treatment in the form of crypto? Hard lesson to learn for sure
I believe they were streaming on a platform that is built around cryptos
I don’t think it’s such a direct lesson since it could’ve been other financial information on there. Instead of a crypto key, the game could’ve installed a keylogger that read the player’s banking password later.
It’s more of a general warning that Steam games are not necessarily safe.
Oh crypto, can’t you go five minutes without being a scam?
… How long was that?
This isn’t a problem of crypto being a scam. The scam was a video game in this case.
If someone hides $30k in cash in their home, gets robbed, then the robber spends it all and dies penniless? The victim won’t get their money back. Same as this victim.
That’d make cash just as much of a scam as crypto in these two scenarios.
Crapto is a total scam. Stop putting your money into this damn Ponzi scheme.
I would have agreed a year ago.
But the only clearing houses for online transactions turned out to be a bunch of right-wing stooges that hate LGBT and Adult Games.
This seems way too hostile to Valve for what this really was.
If it’s true that the malicious game has been available for a month then Steam has some blame.
Why so? Assuming this is the 1st complaint against the game, what was Steam supposed to do in the past month?
Obviously, Steam is supposed to vet the source code of every game thoroughly before it ever gets put up for sale.
I wonder how many people are taking your statement at face value without recognising the sarcasm…
It’s not sarcastic. That’s exactly how most of these platforms work behind the scenes. They run automated, dynamic and static analysis against all the app code looking for potentially harmful signatures.
Pretty sure Steam already does that. And no automated (or even manual) analysis is going to be 100% foolproof, or we wouldn’t be worrying about supply chain attacks in Linux. So that puts us back at square one.
Steam could easily have automation that installs and runs games in a sandbox. Then watches what they do. The things it needed to do to steal the crypto should be vastly different than what a game should be allowed to do.
There are so many ways malware could get through that. What if it waits for a specific date or a certain amount of progress in the game? This automated sandbox probably wouldn’t be smart enough to beat the game, certainly not with as many games as they have.
It isn’t as easy as you say.
If they could let us run games in a sandbox/virtualised area that would be amazing though. That’s a very big ask though.
I do know that Xbox consoles run games in their own Hyper-V VM which gives extra protections to us from most malicious code.
Obviously this would be hard for Steam to implement, but it would be a very nice measure.
This isn’t foolproof. A lot of malware these days is resistant to analysis because it can detect that it’s running in a sandbox and refuse to run the malicious code.
This headline feels like a trap. Yes, Valve is the arbiter of what passes through the Steam store. Part of that involves checking for malware which, while their record isn’t flawless, they’ve let very little of it through given the sheer volume of games published to Steam every year. The consequences were terrible here, and I hope that can be rectified somehow. But the implication of this is that Valve makes this sort of error all the time through their “incompetence”, which they don’t, and the point of phrasing it this way seems to be to call anyone stating otherwise some kind of defender of a multibillion dollar company. It seems like a far better use of everyone’s time to be mad at the scammer here. Supporting and profiting from child gambling via Counter-Strike is a much better reason to be mad at Valve than the mistakes or other gaps in their vetting process that will be slightly tighter as a result of this mishap.
Jerboa developers, may I kindly ask for an option to disable automatic video preview?
Don’t get me wrong, it’s a nice feature and all, but fuck it eats at my limited cellular data usage and eats my battery…
Edit: That was meant to be a top level comment, my bad. Leaving it though.
Looks like they just added it in the new release. We should get you to ask for world peace next time, but this is pretty good too.
Oh, new update?!
Awesome, thanks for letting me know, hope the option is there… 👍
With how much money Valve makes, just fix it. It’s nothing to them and makes them look good.
Incentives. If Valve did this, the expectation would be for them to cover any and all future breaches. They don’t have the capability of detecting and preventing all attempts, and this would incentivise a wave of new malicious programs. Because hey, if you get one into the store, you can now steal a million bucks from your own sockpuppet account, and Valve will cover it.
People would do this on purpose to steal their own money and then beg Valve to pay them lol
Exactly
Jerboa developers, may I kindly ask for an option to disable automatic video preview?
Don’t get me wrong, it’s a nice feature and all, but fuck it eats at my limited cellular data usage and eats my battery…
Might try putting the comment in a Jerboa community, or opening an issue on their Codeberg or git, in the event none of them come to this thread.
I already did, right after the feature dropped.