cross-posted from: https://programming.dev/post/37902936
- Forensic report compiled by the research collective behind the takedown of Block Blasters— Credit: 1989 on X/Twitter.
- G DATA Report.
For anybody wondering what is going on with $CANCER live stream… my life was saved for a whole 24 hours until someone tuned in to my stream and got me to download a verified game on Steam
After this I was drained for over 32,000$ USD of my creator fees earned on pumpdotfun and everything quickly changed. I can’t breathe, I can’t think, I’m completely lost on what is going to happen next, can’t shake the feeling that it is my fault that I might end up on the street again or not have anything to eat in a few days… my heart wants to jump out of my mouth and it hurts.
I won’t rewatch this myself but I have added a clip from the stream after I noticed what has happened.
Also I have successfully (CTOed) my creator rewards and they have been redirected to a safe device.
Source: rastaland.TV on X/Twitter— Private front-end.
More context:
Yesterday a video game streamer named rastalandTV inadvertently livestreamed themselves being a victim of a cryptodraining campaign.
This particular spearphishing campaign is extraordinarily heinous because RastaLand is suffering from Stage-4 Sarcoma and is actively seeking donations for their cancer treatment. They lost $30,000 of the money which was designated for their cancer treatment. In the stream clip their friend tries to console them while they cry out, “I am broken now.”
They were contacted by an unknown person who requested they play their video game demo (downloadable from Steam). In exchange for RastaLand playing their video game demo on stream, they would financially compensate them.
Unfortunately, the Steam game was actually a cryptodrainer masquerading as a legitimate video game.
Source: vx-underground on X/Twitter— Private front-end.
Source: ZachXBT on X/Twitter— Private front-end.
Comments
No discussion, it is super shitty that someone stole the money.
But the real scandal is that anybody needs to raise money to get a cancer treatment.
People keep saying $32k was stolen by malware. No, that did not happen. Malware did not reach into someone’s bank account and withdraw $32k. Here is a simple fact. Crypto is not money. If your brain says something like “it works just like money, or it’s worth just as much as money so it’s basically money” then you’re most likely to get scammed at some time in the future by putting your actual real money into crypto. It’s that simple.
If a collective of people say it’s worth something then it’s worth something. That’s literally what money is and how it works.
America is the only country where this could occur, look yourself in the mirror…
At this point people should not keep substantial amounts of crypto on their main PC anymore. Either get a hardware wallet or an old smartphone or other device to dedicate to that purpose and not install anything else on it.
Yeah, like 100% not to victim blame, but that is what not to do 101
Maybe don’t raise money for your cancer treatment in the form of crypto? Hard lesson to learn for sure
I don’t think it’s such a direct lesson since it could’ve been other financial information on there. Instead of a crypto key, the game could’ve installed a keylogger that read the player’s banking password later.
It’s more of a general warning that Steam games are not necessarily safe.
I believe they were streaming on a platform that is built around cryptos
Oh crypto, can’t you go five minutes without being a scam?
… How long was that?
This isn’t a problem of crypto being a scam. The scam was a video game in this case.
If someone hides $30k in cash in their home, gets robbed, then the robber spends it all and dies penniless? The victim won’t get their money back. Same as this victim.
That’d make cash just as much of a scam as crypto in these two scenarios.
> If someone hides $30k in cash in their home, gets robbed
That’s not really a comparable scenario though, is it? To be robbed of cash someone has to physically be in the same location, and physically remove an object from your safe keeping (be it a literal safe, or on your person)
To steal crypto someone on the other side of the world can just be like “yo bro click this” and 18 seconds later it’s gone. Who was it? Who knows. Where are they? No idea! Not even a chance to yell out “omg help help someone help this guy is stealing my stuff” as they do it.
As a side note, I’m not a “cash is king” type person anyway. I much prefer electronic transfers. I just prefer my electronic transfers to be real money handled by financial institutions where it’s protected by laws, not magic beans.
As others have described, people can steal money digitally the same way. Yes, real money is infinitely more trackable.
That doesn’t mean crypto is a scam. It just means it’s not (as) trackable as traditional currencies.
And I’m not a cryptobro or anything. I just don’t think cryptocurrencies are inherently “a scam”.
Crapto is a total scam. Stop putting your money into this damn Ponzi scheme.
I would have agreed a year ago.
But the only clearing houses for online transactions turned out to be a bunch of right-wing stooges that hate LGBT and Adult Games.
This seems way too hostile to Valve for what this really was.
It really isn’t. Scanning code for vulnerabilities should be at a very high standard for the dominant and most wealthy game platform on Earth.
Very standard practice for malicious software scanning is to install the program in a virtual environment and then monitor its processes to see if it’s performing malicious activities: e.g. keylogging while a background process (e.g. alt-tabbed), or if it interacts with browser data (trying to get saved auth cookies or saved account info), running searches for strings that are common for crypto wallets, etc.
It’s entirely possible that Steam has dropped the ball in a big way here.
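The sandbox monitoring described in the comment above can be sketched as a small triage pass over a behaviour trace. This is an added example, not code from the thread, from Valve, or from any scanning product; the event schema, process names, sample paths and the two-indicator threshold are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sandbox trace: (process, event type, detail, had foreground window?)
TRACE = [
    ("game.exe", "file_read", r"C:\Games\Demo\assets\level1.pak", True),
    ("game.exe", "file_read",
     r"C:\Users\lab\AppData\Local\Google\Chrome\User Data\Default\Login Data", True),
    ("game.exe", "file_read",
     r"C:\Users\lab\AppData\Roaming\Mozilla\Firefox\Profiles\x.default\key4.db", True),
    ("game.exe", "file_search", r"C:\Users\lab\**\wallet.dat", False),
    ("game.exe", "keyboard_hook", "global", False),
    ("editor.exe", "keyboard_hook", "global", True),
]

# Files where browsers keep saved logins and session cookies.
BROWSER_STORE = re.compile(r"\\(Login Data|Cookies|logins\.json|key4\.db)$", re.I)
# Strings commonly associated with wallet files (hypothetical, deliberately short list).
WALLET_HINT = re.compile(r"wallet|keystore|seed", re.I)

def classify(event_type, detail, foreground):
    """Map one trace event to a behaviour label, or None if it looks benign."""
    if event_type == "file_read" and BROWSER_STORE.search(detail):
        return "browser_credential_store_access"
    if event_type in ("file_read", "file_search") and WALLET_HINT.search(detail):
        return "wallet_artifact_search"
    if event_type == "keyboard_hook" and not foreground:
        return "background_key_capture"
    return None

def triage(trace, threshold=2):
    """Return processes showing at least `threshold` distinct suspicious behaviours."""
    findings = defaultdict(set)
    for proc, etype, detail, fg in trace:
        label = classify(etype, detail, fg)
        if label:
            findings[proc].add(label)
    return {p: sorted(labels) for p, labels in findings.items()
            if len(labels) >= threshold}

if __name__ == "__main__":
    for proc, labels in triage(TRACE).items():
        print(proc, "->", ", ".join(labels))
```

A pass like this only scores behaviour that actually occurs during the sandbox run, so a sample that stays dormant in the sandbox produces an empty result.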
I can only imagine the animosity in the comments if it was from a game on the Epic store or Ubisoft UPlay…
If it’s true that the malicious game has been available for a month then Steam has some blame.
Why so? Assuming this is the 1st complaint against the game, what was Steam supposed to do in the past month?
Obviously, Steam is supposed to vet the source code of every game thoroughly before it ever gets put up for sale.
I wonder how many people are taking your statement at face value without recognising the sarcasm…
It’s not sarcastic. That’s exactly how most of these platforms work behind the scenes. They run automated, dynamic and static analysis against all the app code looking for potentially harmful signatures.
Pretty sure Steam already does that. And no automated (or even manual) analysis is going to be 100% foolproof, or we wouldn’t be worrying about supply chain attacks in Linux. So that puts us back at square one.
Yeah that’s literally what I said. Seems like the previous guy didn’t understand that. I don’t know why anyone would downvote me for just explaining how it works.
Steam could easily have automation that installs and runs games in a sandbox, then watches what they do. The things it needed to do to steal the crypto should be vastly different than what a game should be allowed to do.
There are so many ways malware could get through that. What if it waits for a specific date or a certain amount of progress in the game? This automated sandbox probably wouldn’t be smart enough to beat the game, certainly not with as many games as they have.
It isn’t as easy as you say.
If they could let us run games in a sandbox/virtualised area that would be amazing though. That’s a very big ask though.
I do know that Xbox consoles run games in their own Hyper-V VM which gives extra protections to us from most malicious code.
Obviously this would be hard for Steam to implement, but it would be a very nice measure.
This isn’t foolproof. A lot of malware these days is resistant to analysis because it can detect that it’s running in a sandbox and refuse to run the malicious code.
This headline feels like a trap. Yes, Valve is the arbiter of what passes through the Steam store. Part of that involves checking for malware which, while their record isn’t flawless, they’ve let very little of it through given the sheer volume of games published to Steam every year. The consequences were terrible here, and I hope that can be rectified somehow. But the implication of this is that Valve makes this sort of error all the time through their “incompetence”, which they don’t, and the point of phrasing it this way seems to be to call anyone stating otherwise some kind of defender of a multibillion dollar company. It seems like a far better use of everyone’s time to be mad at the scammer here. Supporting and profiting from child gambling via Counter-Strike is a much better reason to be mad at Valve than the mistakes or other gaps in their vetting process that will be slightly tighter as a result of this mishap.
Jerboa developers, may I kindly ask for an option to disable automatic video preview?
Don’t get me wrong, it’s a nice feature and all, but fuck it eats at my limited cellular data usage and eats my battery…
Edit: That was meant to be a top level comment, my bad. Leaving it though.
Looks like they just added it in the new release. We should get you to ask for world peace next time, but this is pretty good too.
Oh, new update?!
Awesome, thanks for letting me know, hope the option is there… 👍
With how much money Valve makes, just fix it. It’s nothing to them and makes them look good.
Incentives. If Valve did this, the expectation would be for them to cover any and all future breaches. They don’t have the capability of detecting and preventing all attempts, and this would incentivise a wave of new malicious programs. Because hey, if you get one into the store, you can now steal a million bucks from your own sockpuppet account, and Valve will cover it.
People would do this on purpose to steal their own money and then beg Valve to pay them lol
Exactly
> Jerboa developers, may I kindly ask for an option to disable automatic video preview?
> Don’t get me wrong, it’s a nice feature and all, but fuck it eats at my limited cellular data usage and eats my battery…
I don’t know what Jerboa is or why you commented about it under this post…lol
Might try putting the comment in a Jerboa community, or opening an issue on their Codeberg or git, in the event none of them come to this thread.
I already did, right after the feature dropped.