A new malware threat has been found hidden inside a Steam Early Access game, putting gamers at risk of being secretly hacked.

A survival game called Chemia has been discovered to be housing some particularly nasty malware, and it’s been freely available through the official Steam platform. Offered as part of the Steam Early Access service – where users can download and play games before their full release – Chemia has been tinkered with by EncryptHub, a threat actor who has already made headlines this year.  Infostealer malware has been found packed into the official download files and pose a major threat to online gamers.

While it’s unlikely that your employees are regularly downloading games from Steam, the nature of the attack – malware hidden in official downloads – could easily strike at the heart of your IT infrastructure.

How Was an Official Game Compromised?

Security researchers at Prodaft found, on July 22nd 2025, that Chemia was not exactly as it seemed. Instead of being the challenging game it had been developed to be, it also contained two strains of malware. The malware at the heart of the attack was discovered to be Fickle Stealer and Vidar Stealer. Both of these malware packages had been designed to steal passwords, browser cookies, cryptocurrency wallet details, and any personal data they could access. In addition to Fickle and Vidar, there was a further componenet – HijackLoader – which could install additional malware.

Infostealers are especially dangerous because they don’t just take one type of data, they’re interested in harvesting everything. Sure, they won’t damage your PC, but they could damage your financial health and personal reputation. Anything from autofill data through to login credentials and chat history can be copied and sent to remote servers. This puts personal banking, emails, and confidential data at risk. And it’s all done quietly in the background while the innocent gamer plays Chemia.

Quite how Chemia was compromised is unclear, but it’s suspected that Chemia’s developer – Aether Forge Studios – may have had their Steam login credentials hijacked by EncryptHub. Currently, at the end of July 2025, Chemia is still available on Steam and putting gamers at risk. The attack is similar to that involving the PirateFi game and points towards a worrying trend of official platforms being hijacked by threat actors. Last year saw GitHub being targeted by hackers, so it would appear that safe spaces online are becoming rarer and rarer.

Be Wary of Hidden Malware Online

 

As we’ve already mentioned, gaming is probably the least of your businesses concern. But the GitHub attacks have demonstrated that any platform is at risk of similar attacks. Therefore, you need to ensure that you and your employees remain safe online by adhering to these best practices:

• Only Download from Official Sources: Many attacks online involve tricking users into visiting malicious websites which look like their legitimate counterparts. Accordingly, you should always double and triple check the authenticity of a website, and avoid using links in unsolicited emails to visit these sites.
• Install Anti-Malware Tools: Even if your budgets are tight, free anti-malware tools such as those offered by Kaspersky and AVG can strengthen your IT defenses. Regularly updated with all the latest threats, these tools can prevent you from downloading and executing malware on your systems.
• Regular IT Training: At the heart of your organization’s IT training, there needs to be a concerted effort to draw attention towards the methods and impact of malware. The weakest link your cybersecurity will always be your employees, so you need to make sure they understand what to look out for.

For more ways to secure and optimize your business technology, contact your local IT professionals.