Steam removes PirateFi game: its malicious code allowed stealing user accounts

by Gabriel E. Hall - - 2025-02-14

PirateFi released with hidden malware

Malware has been put up as a game on Steam

On February 6, 2025, PirateFi launched on Steam as a free-to-play survival game. Billed as an open-world adventure with multiplayer capabilities, the game initially seemed to promise a conventional low-poly survival experience.

Yet, barely had the game been released when people started complaining about problems with their accounts, raising concerns over whether the game was legitimate. Some players saw that their antivirus software flagged the game as malicious and discovered a Trojan called Trojan.Win32.Lazzzy.gen embedded in its coding.^[1]

It was subsequently discovered that the game had malware designed to steal browser cookies. In this kind of attack, cybercriminals are able to take over user sessions, thereby giving them access to online accounts without passwords.

A few of the victimized users who stepped forward to report indicated there were instances of unauthorized login into their Microsoft and Steam accounts, while others discovered that their gaming and social media accounts had been compromised. Someone alleged their Roblox account was taken over, resulting in the theft of in-game money and the distribution of messages among their friends with scam links.^[2]

The game's availability on Steam has prompted questions about how it was able to bypass Valve's security measures so successfully. While PirateFi appeared legitimate, some red flags were ignored.

The developer, Seaworth Interactive, had no previous track record or online presence, and the game had only been mentioned on Steam three weeks before its launch. Despite these warning signs, it was downloaded by hundreds of users before being taken down.

Valve sent out security warnings to the victims

Upon receiving reports from players, Valve investigated the issue and confirmed the presence of malware within PirateFi. The company quickly removed the game from its platform and took steps to alert those who had downloaded it. Affected users received a notification urging them to take immediate security precautions, including running a full-system antivirus scan and checking for unauthorized software installations.

As described by one of the affected users, the message from Valve reads:^[3]

The Steam account of the developer for this game uploads builds to Steam that contained suspected malware. The builds containing the suspected malware have been removed from Steam, but we strongly encourage you to run a full-system scan using an antivirus product that you trust or use regularly, and inspect your system for unexpected or newly installed software. You may also consider fully reformatting your operating system to ensure that no malicious software remains on your machine.

Valve also issued a strong suggestion that players consider the full reformatting of their operating systems. This drastic measure was suggested to ensure that no traces of the malware remained on infected devices. Unlike typical viruses, malware that infects browser cookies can remain even after being deleted, thereby highlighting the need for users to take thorough steps to protect their accounts.

In spite of these warnings, Valve never provided detailed information on how the game had made it into the Steam store or what security exploits had been used.

This has been criticized by cybersecurity professionals, who maintain that stricter screening processes must be implemented to keep malicious software from reaching unsuspecting users. Steam has been in this situation before;^[4] however, PirateFi is an especially egregious example of malware distribution.

Up to 1,500 users affected

Estimates suggest that PirateFi was downloaded by between 800 and 1,500 users before its removal. While its peak player count was reportedly low – only five users at once – the damage had already been done. Some players reported that their passwords were changed without their knowledge, while others had their accounts locked out or used for fraudulent transactions.

This incident serves to underline the dangers of downloading software, even from trusted sources such as Steam. Although digital retailers do implement security measures, these are not always infallible, and hackers continually seek out new methods of circumventing them. PirateFi was touted as a harmless game in this instance, tempting users into downloading malware that had the potential to steal personal data.

About the author

Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References

^ Michael Kan. Did You Download This Steam Game? Sorry, It's Windows Malware. PCMag.
^ Daniel Croft. Game over: Steam removes game that contained malware. CyberDaily.
^ SteamDB. A game called PirateFi released on Steam last week and it contained malware. X.
^ Sead Fadilpašić. Beware of Steam malware - Valve upgrades security following threats, here's what we know. Tech Radar.