Independent PC game Abstractism from Dead.Team studios used the Steam store to distribute viruses and scam the Steam Marketplace. YouTube user SidAlpha exposed Abstractism after collecting evidence from the Steam marketplace and Steam store pages. He concluded that the game was creating fake marketplace items that appeared as rare Team Fortress 2 items as well as mining for crypto currency in the background. Valve has since pulled the game from the Steam store following Abstractism's facetious attempts to deny their own shady operations. This included changing the fake TF2 items on Abstractism's marketplace to memes and joking that instead of mining Bitcoins they are mining Monero coins.
While the relatively small size of the game means the overall number of users affected is limited, there were multiple users either scammed or attacked before the game was exposed. A post on a Backback Community Forums from a scammed user identified the fake items, which lead to a community investigation into the game. It was subsequently found that two of the games' .exe launcher files were flagged as viruses. An official update post from 23 July not only explains the "item drop" system but outright states "Notes: Abstractism Launcher and Abstractism Inventory Service are not Bitcoin miner (and are not Monero miner too, honestly). These apps are required to connect to the Steam and grant items to your inventory."
SidAlpha concludes that the item drop system, which rewarded players with phoney TF2 items, off which the developers profit from the sale of, was actually a front for data mining. The update post explains systems like the 'dynamic drop times', which encourage users to leave the game running, and the 'drop limit reset', which resets players weekly limit if they are in-game on Friday. As SidAlpha explains, it is while users are idle in-game waiting for item drops that the .exe will suspiciously require excessive GPU and CPU power for such a simple game. During this time, the game is most likely forcing the players computer to perform extreme calculations, which in effect mines for the crypto-currency, then, during the Friday limit reset, the game communicates with the servers and returns the finished calculations into the crypto-wallet, verifying the mined coins. SidAlpha's 14 minute video expose explains the technical side of crypto-mining in more detail, but this is essentially how he identified the game as a miner.
The game has since been removed from the Steam store, however this incident exposes a serious oversight from Valve. The most concerning aspect is that the game files, which most antivirus software flag as containing trojan viruses, was distributed through the official Steam store in order to not only scam Valve's in-game economy but also mine for crypto-currencies.
Nick McDonald @gamersclassified
Excellent article and a good start. I, too, most recently at Stemit and looking for new friends and like-minded people, I followed you and you follow me. Together we can quickly develop our blogs on Steemit.