Pierluigi Paganini
February 14, 2025
Valve removed the game PirateFi from the Steam video game platform because it contained a Windows malicious code to steal browser cookies and hijack accounts. The company also warned affected users to fully reformatting the operating systems to remove the threat.
According to the website PCMag, the free-to-play game PirateFi was released last week. A few days later, Valve notified impacted users. PCMag cited the case of a gamer who downloaded the game and reported that his accounts were hijacked using stolen cookies.
“We are contacting you because you recently launched PirateFi (3476470) on Steam. The Steam account of the developer for this game uploaded builds to Steam that contained suspected malware.
You played PirateFi (3476470) on Steam while these builds were active, so it is likely that these malicious files launched on your computer.” reads the incident notice sent to the impacted users. “The builds containing the suspected malware have been removed from Steam, but we strongly encourage you to run a full-system scan using an anti-virus product that you trust or use regularly, and inspect your system for unexpected or newly installed software. You may also consider fully reformatting your operating system to ensure that no malicious software remains on your machine.”
A game called PirateFi released on Steam last week and it contained malware. Valve have removed the game two days ago.
— SteamDB (@SteamDB) February 12, 2025
Users that played the game have received the following email: pic.twitter.com/B98BFs0WbK
The game PirateFi was released as beta, but multiple antivirus flagged it as “Trojan.Win32.Lazzzy.gen.”
At the time of this writing, it is unclear how many players were impacted by the malware. SteamDB estimates that over 800 users may have downloaded the game.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Valve)
