When Gaming Turns Dangerous: Malware-Infected Steam Game Steals $150,000

A cautionary tale for gamers, streamers, and businesses alike.

The Incident

In a story that made headlines, Twitch streamer Raivo “RastalandTV” Plavnieks—who was raising money for his cancer treatment—lost over $32,000 in cryptocurrency donations live on stream.

The source? A Steam game called BlockBlasters.

At first, the game seemed harmless when it launched in July. But on August 30, a new update slipped in hidden malware. Once installed, it quietly drained cryptocurrency wallets and stole login credentials.

By the time Valve removed the game, security researchers estimate that 261 to 478 players were affected, losing a total of $150,000.

Even trusted platforms can be exploited.

• The game was labeled “Steam Deck Verified”—but that only meant compatibility, not security.

• Malicious code was introduced later, after release, through an update.

• Victims ranged from everyday gamers to high-profile streamers.
  

The lesson: cyber threats can appear in unexpected places, and attackers are more creative than ever.

How to Protect Yourself

Whether you’re gaming at home or protecting business systems, these practices reduce your risk:

1. Don’t assume “verified” means secure

   Steam Deck Verified, App Store Approved, or Chrome Web Store listings only check for functionality—not malware.

2. Be cautious with new or unknown apps

   Give new titles and tools time. Early users often uncover hidden risks.

3. Monitor community feedback

   Reviews, Reddit threads, and security forums often surface red flags faster than official channels.

4. Run endpoint protection

   Keep updated antivirus/anti-malware software active on all systems.

5. Separate finances from play

   Don’t store sensitive data or large crypto balances on devices used for casual gaming. Use hardware wallets for extra protection.

6. Enable multi-factor authentication

   Add a second layer of security to critical accounts—financial, gaming, and work-related.

At Plexus IT, we help Los Angeles–area financial firms and professionals reduce risk across their technology environments. Incidents like BlockBlasters are reminders that threats evolve constantly, and vigilance is key—at home and at work.

Cybersecurity isn’t just about blocking phishing emails or securing servers. It’s about anticipating the unexpected—from indie games to cloud apps.

📞 If you’d like Plexus IT to run a cybersecurity health check on your systems—or train your team on how to spot risks before they spread—contact us today!