A new cryptojacking scam masquerading as a video game garnered 6,000 downloads before being removed from the popular cloud-based platform on which it was hosted.

The game, called “Abstractism,” appeared on gaming distribution platform Steam after parent company Valve adopted an “anything goes policy” for its digital store, Fortune reported in July 2018. According to Motherboard, the game was originally released in March 2018 by developer Okalo Union and publisher dead.team as a “trivial platformer,” which has players move blocks in a 2D space to the sound of soothing music.

Despite the game’s minimalist graphics and lightweight concept, users began noticing device performance issues and discovered that the program was conducting significant amounts of network communication. The developers also encouraged users to leave the game running in the background for a chance to obtain rare items. Although patch notes expressly stated that the game was not crypto-mining malware, mounting evidence to the contrary forced Steam to remove it on July 30.

Gaming Platforms Are Not All Fun and Games

The threat posed by cryptojacking scams such as Abstractism is particularly concerning for security professionals because many companies are hiring gamers to help close the IT skills gap — meaning there’s a greater chance that this type of malware could compromise business networks.

Although the game does trigger Windows Defender and antivirus alerts, its lightweight nature makes it easy to overlook these red flags — even as it hogs both central processing unit (CPU) and graphics processing unit (GPU) resources. It doesn’t take much for malware makers to create crypto-mining code — in fact, the smaller, the better.

Steam’s move to an open marketplace is also worrisome, and not just because companies will suddenly be inundated with thousands of “Abstractism” copies. With cloud-based marketplaces no longer attempting to control every piece of software they offer, the responsibility for overseeing games, productivity tools and open-source offerings has shifted to corporate IT teams.

How to Minimize the Threat of Cryptojacking

To avoid costly losses due to cryptojacking games and other malicious apps, IBM Security experts recommend implementing advanced security information and event management (SIEM) and behavioral analytics tools to detect high CPU and GPU usage.

Security experts also suggest using a managed cloud access security broker (CASB) to help mitigate the impact of shadow IT — which, in this case, could include crypto-mining games downloaded onto business devices and any other cloud-based apps that aren’t approved by IT teams.

Sources: Fortune, Motherboard

More from

Beyond Requirements: Tapping the Business Potential of Data Governance and Security

3 min read - Doom and gloom. Fear, uncertainty and doubt. The "stick" versus the "carrot". What do these concepts have in common? They have often provided the primary motivation for organizations’ data governance and security strategies. For the enterprise, this mindset has perpetuated the idea that data governance, data security and data privacy are reactive cost centers existing due to externally imposed requirements or mandates.Yet, what if data governance and security practices could upend the prevailing paradigm and demonstrate direct business value?[button link="https://community.ibm.com/community/user/security/events/event-description?CalendarEventKey=8d7fdc61-97bf-43b0-b7d6-018756e436a6&CommunityKey=aa1a6549-4b51-421a-9c67-6dd41e65ef85&Home=%2fcommunity%2fuser%2fsecurity%2fcommunities%2fcommunity-home%2frecent-community-events"…

3 min read

Protecting Against Remote Monitoring and Management Phishing

3 min read - You use remote monitoring and management (RMM) software to closely monitor your cyber environment and keep your organization safe. But now cyber criminals are specifically targeting these tools, causing legitimate software to become a vulnerability. This is the latest type of attack in an increase in a recent trend of disruptive software supply chain attacks. The Cybersecurity and Infrastructure Security Agency (CISA) recently released an alert about the malicious use of legitimate remote monitoring and management (RMM) software. Last fall,…

3 min read

Secure-by-Design: Which Comes First, Code or Security?

4 min read - For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price when threat actors strike. 48% of developers admitted they were still shipping code with vulnerabilities in 2022. It’s clearly time for a change. Many believe…

4 min read

ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

7 min read - In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has been observed by others. ITG10's tactics, techniques and procedures (TTPs) overlap with APT37 and ScarCruft. The initial delivery method is conducted via a LNK file, which drops two Windows shortcut files containing obfuscated PowerShell scripts in charge of downloading a…

7 min read