Steam, Valve’s platform with over two decades of existence, is a cornerstone of PC gaming, connecting millions of players and offering a growing catalog of video games. While titles on the platform are expected to be secure, instances of games containing malware have been detected. In response, the FBI has launched an active investigation, seeking individuals affected by malware present in several Steam games designed to steal passwords.
Steam hosts the most extensive digital game catalog, significantly surpassing platforms like Sony’s PlayStation Store or Nintendo’s eShop. For comparison, PlayStation Store features approximately 10,000 titles (4,000 for PS4), while Nintendo’s eShop offers around 13,500 games (12,000 for Nintendo Switch, plus 350 for Switch 2 and classic titles).
FBI Investigates Malware Victims in Steam Games, Including PirateFi
Steam is estimated to host over 120,000 games, with thousands added annually. While indie titles are prevalent, AAA games constitute a minority. Unlike more selective storefronts like GOG, Steam permits broader publication as long as basic rules are met. Despite security assurances, the system is not foolproof, as evidenced by previous incidents like the “Sniper: Phantom’s Resolution” demo containing malware. The FBI is now investigating new cases of malware-laden games and is actively searching for potential victims.
The specific games under investigation include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova. Users are advised to check if they have any of these unreliable titles installed. The FBI has identified incidents occurring between May 2024 and January 2026, suggesting these games may have gone undetected for a significant period. Potential victims are urged to complete a confidential form to assist investigators in gathering details about the incidents and damages incurred.
Valve Removed Malicious Games, FBI Offers Compensation to Victims
Among the identified titles, PirateFi, a free survival game, has been highlighted as the most dangerous, linked to the ‘Vidar’ malware. This malicious software is capable of extracting a wide range of sensitive data, including saved login credentials and browser information. Although Valve has already removed PirateFi from its platform, the FBI continues to seek affected individuals and requests that they confidentially complete the designated form.
Identified victims will be eligible for benefits and compensation, as data and password theft can lead to significant financial losses. Furthermore, authorities aim to understand how users discovered and installed these games, whether through the internet, social media, or other channels.
