Steam Users Urged to Check Devices After FBI Malware Warning
Steam users urged to check devices after malware attack warning by the FBI. According to a post by the Federal Bureau of Investigation, several Steam games contained malicious software that could have impacted games.
The suspected activity stretched from May 2024 through January 2026. The titles named so far include BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all tied to a case being handled by the FBI’s Seattle Division.
The FBI’s Seattle Division is seeking to identify potential victims installing Steam games embedded with malware.
— SteamDB (@SteamDB) March 12, 2026
Tmeframe of May 2024 and January 2026 and includes BlockBlasters, Chemia, Dashverse / DashFPS, Lampy, Lunara, PirateFi, and Tokenova. pic.twitter.com/szOEVCB7kA
If you, or someone you know, installed one of these games, you are being asked to fill out a victim information form or email the bureau directly. BleepingComputer reported that the agency is trying to identify people who may have suffered account takeovers, stolen funds, or other damage after launching the games.
“The FBI is legally mandated to identify victims of federal crimes it investigates. Victims may be eligible for certain services, restitution, and rights under federal and/or state law. All identities of victims will be kept confidential,” the FBI told BleepingComputer.
On the surface, these games looked ordinary; however, they included shady software that slipped into Steam, which created the scam. Polygon reported that several of the titles were linked to suspected crypto scams, while TechCrunch noted the FBI believes the same hacker may be behind multiple malware-laced games published on the platform.
Amongst the titles, BlockBlasters, a free-to-play 2D platformer that was available from July to September 2024, was one of the most notable cases. While initially uploaded to Steam as a clean program, cryptodrainer malware was later added to the game.
Reports say one streamer lost more than $32,000 after downloading it. The same report said blockchain investigators estimated losses across hundreds of Steam accounts, which shows this was not some tiny nuisance buried in a corner of the platform.
Generally, Valve acts rapidly to terminate offending games after discovering their true nature. However, some games do get past them, unfortunately. For example, BlockBusters reached a peak of 7 concurrent users according to SteamDB.
In a statement to PCMag, Valve said, “We previously sent email notifications to players who launched certain games on Steam when we discovered that builds of those games likely contained malware. We removed those builds from Steam, investigated the incidents, and cooperated with law enforcement. Yesterday, we forwarded to affected customers a message from the Federal Bureau of Investigation regarding the investigation.”
Early Access, Playtest, and the Trap
How can you tell what’s a trap and what’s real? It’s important to note Steam’s features. For instance, Steam Early Access is a real feature, and Valve boasts that it allows developers to sell a game while it’s unfinished, as long as it’s playable. This is a great way to promote the game while testing it, and gives the audience a chance to point out bugs and suggest ways to make the game smoother.
Along with that, Steam Playtest is also legitimate, with Valve describing it as a separate, low-risk way for developers to let players test a game before the full release.
But with these features, some scammers have hidden behind certain language that players are used to. Using words like “playtest,” “beta,” or “early access” makes a game seem promising, but makes it easy for gamers to download a fake or compromised game. It’s important to do your research before downloading a game.
What’s Next?
If you, or someone you know, downloaded one of these games, please fill out a short form with relevant information. The FBI is collecting victim reports, technical details, screenshots, and any communication users had with people who promoted the games.
The bureau’s form asks about Steam IDs, account compromise, crypto wallet activity, suspicious contacts on platforms like Discord or Telegram, and whether money was lost. Infosecurity Magazine reported that the campaign appears tied to efforts to trace victims and map out the malware operation more completely.
How Can Steam Gamers Protect Themselves?
- Be wary of random messages pushing you to download a game, join a playtest, or move money around.
- The FBI says unknown contacts should not be trusted with financial or personal information, and it warns people to treat online investment advice with extreme caution.
- If something feels off after installing a game, run a security scan, check what software was recently added, change important passwords from a clean device, and review accounts tied to your browser or crypto wallet.
- Steam previously warned affected users in one case to scan their systems and consider reinstalling the operating system, which tells you how serious these infections can be.
There’s also a simple rule here that still holds up, even in a world full of slick store pages and polished trailers. Slow down before you click. Research a game before downloading. For older gamers, especially the ones who still think of Steam as the safe shelf at the video store, this story is a rough reminder that familiar brands don’t always mean familiar risks.
If you downloaded one of the named games between May 2024 and January 2026, the smartest move now is to report it and lock down your accounts.
