Valve has removed 2D platformer BlockBlasters from Steam after an update turned the game into a crypto-drainer and led to large-scale thefts. Among the victims was Latvian streamer RastalandTV, who had more than $32,000 stolen from him during a charity broadcast to raise money for medical treatment.
Valve has removed 2D platformer BlockBlasters from Steam after an update turned the game into a crypto-drainer and led to large-scale thefts. Among the victims was Latvian streamer RastalandTV, who had more than $32,000 stolen from him during a charity broadcast to raise money for medical treatment.
BleepingComputer writes about the incident in detail. BlockBlasters was released on Steam on July 30, 2025 as a free retro arcade game from Genesis Interactive and had a «reviewed» rating and «very positive» reviews for almost two months. According to researchers, a malicious component was added to the game on August 30; the title was removed from the platform on September 21.
The problem was first noticed live: during a fundraising for sarcoma treatment, streamer Raivo Plavnieks (RastalandTV) had $32,000 disappear from his wallet. Crypto influencer Alex Becker partially compensated for the losses by sending $32,500 to a secure wallet; a GoFundMe is currently underway (≈58% of the goal has been raised at the time of publication). Investigator ZachXBT estimates the total losses at ~$150,000 and 261 affected Steam accounts, while VXUnderground reports 478 possible victims and publishes a list of nicknames with a call to change passwords immediately.
Technical analysis revealed a dropper batch that performs environment checks, steals Steam logins and IP addresses and transmits them to the C2 server. Additionally, a Python backdoor and StealC as the main stealer were recorded. Researchers also noticed a failure in OpSec: tokens and the code of the Telegram bot that controlled the infrastructure remained publicly available. According to unconfirmed reports, some of the recruitment attempts took place via social networks — potential victims were sent «invites» to try the game, targeting owners of significant crypto assets.
Valve did not respond to journalists' inquiries about BlockBlasters and possible delays in responding to complaints at the time of publication. The incident is not unique: in 2025, Steam had already removed games with malware — Chemia, Sniper: Phantom’s Resolution, PirateFi.
If you installed BlockBlasters, immediately change your password and enable 2FA, scan your PC for malware, and transfer your crypto assets to new wallets with new seed phrases. In the future, avoid little-known titles with few reviews/downloads, and be wary of «beta/EA» invitations in private.
Schemes with «proven» games attack the trust in the platform: first a safe build is released, which collects feedback and quality markers, then a stealer is added through an update. The combination of social engineering (targeted invites) and technical means (dropper, backdoor, StealC) makes such attacks especially dangerous for players who keep crypto wallets on the same computer where they install the games.
Previously, dev.ua wrote about a rare bug in Steam that prevented developers from notifying the release of their indie game to 130,000 players who were expecting it.
