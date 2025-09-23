Steam game BlockBlasters was malware that stole over $150K in crypto, including $32K from a streamer raising cancer funds.

VXUG and ZachXBT exposed the scam, which posed as a legit game but hid wallet-draining code.

Valve pulled it from Steam, but weak vetting means similar scams may recur.

Lowest of The Low

Multiple streamers recently revealed that they’d been duped into downloading a Steam game called BlockBlasters, only to find that it was a front for “drainware” – a phishing tool that steals cryptocurrency. One streamer, rastaland, was raising funds for cancer treatment and had over $32,000 stolen live on air.

The issue was highlighted by various users on X, including another streamer called Downsin Jerome, ZachXBT (a crypto-hack investigator), and vx-underground (aka VXUG, the largest collection of malware source code, samples, and papers on the internet). The latter posted a report on the official VXUG site detailing its collective findings.

“A heinous act of cowardice where Threat Actors targeted a stage 4 terminally ill cancer patient for his creator earnings on Pump.fun through a Steam game,” the report said. “After a significant investigation involving roughly 10+ people, we were able to communicate with the Threat Actors who showed fake remorse for their actions.”

“Valve allowed this malware to exist for just under a month. This is appalling levels of vetting. How can you let such brazen malware exist on your platform?”

Phishing For Crypto

Rastaland, and other affected streamers, were targeted on a site called Pump.fun. This is a relatively new platform that allows users to create their own meme coin/token (like the popular DOGE crypto), and then sell and trade it.

The site runs on a decentralized Solana network (a well-regarded cryptocurrency platform) and focuses on fair processes, such as ensuring no one can pre-buy tokens, and by using a bonding curve for value (basically, the more people who buy the token, the higher its value).

Streamers were contacted by “Threat Actors” – the name for people who run malicious hacks – masquerading as game PR, asking if they’d be interested in streaming BlockBlasters. Those who checked out the game found a verified title that appeared normal and safe with multiple positive reviews.

A threat report of the offending game file.

However, drainware had been added to the game at the end of August, and it was this that attacked streamers’ crypto wallets. In doing so, it siphoned off funds to almost 60 Threat Actors, as detailed in the VKUG report. It did this via a .bat file within the game, which disabled antivirus software and checked for crypto wallets and stored passwords.

Malware Everywhere

The biggest issue with malware games like BlockBlasters is that they often appear legit, and can actually be a perfectly safe, working game right up until someone decides to hide dangerous phishing tools in the code.

BlockBlasters has since been removed from Steam by Valve, but associated reviews and discussions can still be viewed. Of the former, most players found it to be a pleasant 2D sidescroller/shooter that needed a little more polish, with nothing to suggest it was anything other than a low budget free game created by an indie dev.

A snapshot of recent player reviews. Uninstall the game then scan your system if this is you!

That dev, and publisher, Genesis Interactive has no other games listed elsewhere, and no internet presence outside of other reports on this issue, and a brief mention on Moby Games (a reference on that site to a game on the Epic Store is a dead end).

This isn’t the first time a crypto scam has been found on Steam, and it likely won’t be the last; Valve checks the initial upload/build of a game, but not updates. Previous scam games discovered on the platform this year include Sniper: Phantom’s Resolution, PirateFi, and Chemia.

VXUG discovered that 970 people had been affected by BlockBlasters malware, and ZachXBT is the investigator who discovered over $150,000 had been stolen. Any gamers who may have downloaded BlockBlasters before it was pulled from Steam should remove it from their system; even if they don’t use crypto, the malware can still find private, valuable data.

Otherwise, gamers are encouraged to check the developer/publisher of any titles that they’re unsure about (on any game platform), as well as check patch/update notes for suspicious file names and activity.