Skip to main content

Watch out: profile images on Steam could contain malware

Be wary downloading pics from Valve's platform

Naughty people are reportedly hiding malware in Steam profile images, so go careful what you download from Valve's gaming platform. Named SteamHide, the malware isn't the picture itself, but is tucked away in its metadata, waiting to be activated by a separate malware downloader. It's not something to worry about if you're using Steam normally - you'd need to be clicking on dodgy emails or visiting dubious websites to even get the extra necessary malware to activate the Steam stuff - but it's worth keeping an eye on, just in case.

According to G Data, "malicious users" are specially crafting profile images to contain malware. Because of the way it's created, the malware can't be detected by antivirus software. These images can't do much on their own though, G Data says it's "payload" malware that requires even more malware to activate it.

Watch on YouTube

Basically, you'd need to have downloaded some other bit of nasty malware (from rotten websites or spam emails) that would act as a decrypter. Damage can only be caused with both bits of malware.

"It should be noted that in order to become a target for this method, no installation of Steam - or any other game platform - is required. The Steam platform merely serves as a vehicle which hosts the malicious file," G Data say.

"The heavy lifting in the shape of downloading, unpacking and executing the malicious payload is handled by an external component which just accesses the profile image on one Steam profile. This payload can be distributed by the usual means, from crafted emails to compromised websites."

G Data emphasises that Steam users aren't at an increased risk of infecting their devices just by having Steam installed - even opening one of these modified images in a viewing application won't infect your PC. Hiding malware in pictures in this way isn't new either, it's just a method that supposedly hasn't been seen on gaming platforms before.

It's the kind of thing you can avoid by doing the usual and being sensible about what you click on. Also, I don't know who would bother downloading other players' profile pics, but on the off chance that's you, you should probably stop to be safe.

If you're interested in the technical bits, here's the link to that G Data article again where they explain in detail how the malware works.

Read this next