Malware has been found hiding in the EXIF data of Steam profile photos, so are you at risk? How can you protect yourself?
Attackers always find new ways to distribute malware. You may end up downloading malware via email attachments or software packages from any website.
Even platforms like Slack and Discord are being used as a medium to spread malware. And now, the attackers are targeting the popular gaming store Steam to hide malware using the profile pictures. But are you at risk if you use Steam? What if you download an image from Steam?
SteamHide Malware: What Is It?
SteamHide is a form of malware that hides within Steam profile picture’s metadata, warns security company GDATA.
Technically, the PropertyTagICCProfile value of an image is changed to encrypt and hide the malware, which normally stores information to help printers detect the colors of an image.
This value is a part of the EXIF data that exists in an image to help you identify the camera used and other related information.
The profile picture or the image is not the malware itself, but it is a container for the malware.
So, if you are using Steam or have downloaded or accessed an image from Steam, this does not affect your computer. That’s because the malware is inactive until it’s decrypted by a separate malware downloader.
How Does SteamHide Affect Your Computer?
The image or the profile picture helps in the distribution of malware to an infected computer without getting detected by any antivirus software.
The infected computer in question must have a downloader (a malicious file downloaded via email attachments or websites) which extracts the malware from the Steam profile image, which is publicly accessible.
In other words, it downloads the malware by connecting to the image hosted on Steam platform.
Of course, the attackers who developed it are clever enough to know that you cannot block connections to the Steam platform (or its images). If you block Steam, you may not be able to use the platform for playing video games and flag legitimate profiles in the process.
Potentially, there are millions of accounts in Steam, and it is tough to know which profile is harboring malware inside its profile picture.
And it is easy to update malware in an infected computer by simply updating the profile picture.
So, to protect yourself from SteamHide, you need to be incredibly careful when downloading something off the internet. If you do not download anything malicious to your computer, an image from the Steam platform has no impact whatsoever.
You should also follow our online security guide to stay safe against malware.
SteamHide Is Part of Something Big but Harmless for Most
SteamHide is in active development by the attackers and has not actually been detected in the wild to spread malware yet.
However, this may be a part of a big attack soon because of its effectiveness in evading detection. Even though the profile picture on Steam is not dangerous on its own, it is one piece of the attack that cannot be easily detected or blocked.
While Steam cannot do much about it as of now, except to remove the images from malicious profiles detected, it is here to stay.
The good news is, if you do not download anything malicious to your computer, the hidden malware inside the image is harmless.
Steam is the primary place to get PC games, but is it safe to buy from? Let’s find out.
About The Author