this post was submitted on 22 Sep 2025
150 points (81.2% liked)

Games

42476 readers
1267 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Rules

1. Submissions have to be related to games

Video games, tabletop, or otherwise. Posts not related to games will be deleted.

This community is focused on games, of all kinds. Any news item or discussion should be related to gaming in some way.

2. No bigotry or harassment, be civil

No bigotry, hardline stance. Try not to get too heated when entering into a discussion or debate.

We are here to talk and discuss about one of our passions, not fight or be exposed to hate. Posts or responses that are hateful will be deleted to keep the atmosphere good. If repeatedly violated, not only will the comment be deleted but a ban will be handed out as well. We judge each case individually.

3. No excessive self-promotion

Try to keep it to 10% self-promotion / 90% other stuff in your post history.

This is to prevent people from posting for the sole purpose of promoting their own website or social media account.

4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

This community is mostly for discussion and news. Remember to search for the thing you're submitting before posting to see if it's already been posted.

We want to keep the quality of posts high. Therefore, memes, funny videos, low-effort posts and reposts are not allowed. We prohibit giveaways because we cannot be sure that the person holding the giveaway will actually do what they promise.

5. Mark Spoilers and NSFW

Make sure to mark your stuff or it may be removed.

No one wants to be spoiled. Therefore, always mark spoilers. Similarly mark NSFW, in case anyone is browsing in a public space or at work.

6. No linking to piracy

Don't share it here, there are other places to find it. Discussion of piracy is fine.

We don't want us moderators or the admins of lemmy.world to get in trouble for linking to piracy. Therefore, any link to piracy will be removed. Discussion of it is of course allowed.

Authorized Regular Threads

Related communities

PM a mod to add your own

Video games

Generic

Help and suggestions

By platform

By type

By games

Language specific

founded 2 years ago
MODERATORS
Dremor@lemmy.world
JonsJava@lemmy.world
fxomt@lemmy.dbzer0.com
Dremor@jlai.lu
modfxomt@lemmy.world
PerfectDark@lemmy.world
150
Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform (video.twimg.com)
submitted 4 days ago by Pro@programming.dev to c/games@lemmy.world
151 comments fedilink hide all child comments
 

cross-posted from: https://programming.dev/post/37902936

For anybody wondering what is going on with $CANCER live stream... my life was saved for whole 24 hours untill someone tuned in my stream and got me to download verified game on Steam

After this I was drained for over 32,000$ USD of my creator fees earned on pumpdotfun and everything quickly changed. I can't breathe, I can't think, im completely lost on what is going to happen next, can't shake the feeling that it is my fault that I might end up on street again or not have anything to eat in few days... my heart wants to jump out of my mouth and it hurts.

I won't rewatch this myself but I have added a clip from the stream after I noticed what has happened.

also I have succesfully (CTOed) my creator rewards and they have been redirected to safe device.

Source: rastaland.TV on X/TwitterPrivate front-end.

More context:

Yesterday a video game streamer named rastalandTV inadvertently livestreamed themselves being a victim of a cryptodraining campaign.

This particular spearphishing campaign is extraordinarily heinous because RastaLand is suffering from Stage-4 Sarcoma and is actively seeking donations for their cancer treatment. They lost $30,000 of the money which was designated for their cancer treatment. In the steam clip their friend tries to console them while they cry out, "I am broken now."

They were contacted by an unknown person who requested they play their video game demo (downloadable from Steam). In exchange for RastaLand playing their video game demo on stream, they would financially compensate them.

Unfortunately, the Steam game was actually a cryptodrainer masquerading as a legitimate video game.

Video.

Source: vx-underground on X/TwitterPrivate front-end.

Source: ZachXBT on X/TwitterPrivate front-end.

Rastaland GoFundMe.

Comments

top 50 comments
sorted by: hot top controversial new old
[–] rimjob_rainer@discuss.tchncs.de 43 points 2 days ago (2 children)

Needs to raise money to get cancer treatment. America is a real dystopia.

[–] TheJesusaurus@sh.itjust.works 22 points 2 days ago (1 children)

That's the real story here. Everything else after that is just icing on the tragedy cake.

Why does this guy need to raise 32 grand (a respectable salary in plenty of places) for cancer treatment

[–] SoftestSapphic@lemmy.world 23 points 2 days ago (1 children)

Because not enough healthcare CEOs have been shot yet

[–] TheJesusaurus@sh.itjust.works 13 points 2 days ago

I like the cut of your jib

load more comments (1 replies)
[–] ICastFist@programming.dev 26 points 2 days ago* (last edited 2 days ago) (1 children)

The game in question, Block Blasters, which was free to play, has been removed from Steam, although it seems owners can still try to install it, but antivirus programs may block those attempts.

The GData linked in the post shows that the game was released in July 31 and that the malware update came in August 30, adding a .bat and 2 .zip files within the Engine/Binaries/ThirdParty/Ogg directory. The zip files were password protected, which blocked scanning.

The batch script checks first if the system is running only Windows Defender and does not have any of the listed AV products from AV_PROCESSES as a running process; if these criteria are met, the batch script unpacks the contents of the archive “v1.zip” (...) The script “1.bat” adds the destination folder of the executables found inside the “v3.zip” archive to the exemption list for Microsoft Defender Antivirus. [emphasis mine]

So, yeah, it's pretty clear how easily it went undetected by Steam, Windows Defender or any other antivirus program - malware inside a password protected zip. I suspect making something similar on Android wouldn't be much harder, as an app or game that needs access to your internal storage isn't "too weird", like something that asks for some music to play in a stage.

[–] pulsewidth@lemmy.world 22 points 2 days ago

A password-protected zip file should have been flagged by Steam as suspect before they approved the update, its a very old and very common method for detection bypass.

[–] ibot@feddit.org 135 points 3 days ago

No discussion, it is super shitty that someone stole the money.

But the real scandal is, that anybody needs to raise money, to get a cancer treatment.

[–] daniskarma@lemmy.dbzer0.com 13 points 2 days ago (2 children)

I'm not into crypto. But how can it being stolen just by reading some file in the computer? Isn't the private key encrypted with some really secure password? It was stolen while the private key was being used?

[–] ICastFist@programming.dev 11 points 2 days ago

Considering how the malware works, it seems that the criminal managed to copy/steal all the browser data of Rastaland, including open sessions, allowing him to login on any site that had an active session/cookies, including that pumpdotfun where the coin was

[–] sonalder@lemmy.ml 7 points 2 days ago

To keep it short there is two big families of wallets. Hot and cold wallet. Hot wallets are the one that got an internet connection wether it's a constant one or periodically connecting. Cold wallets are never connected to the internet and often are dedicated hardware devices with the better ones having a Secure Element to store the private key or even sometimes sign transactions directly in it.

Victims of this attacks were using hot wallet on a not-dedicated machine which is consider bad practice. Hot wallets have to be consider more like a physical wallets for daily spends and cold wallet being privilege for long-term saving and monthly or yearly transactions.

I'm not an expert but desktop OS (especially Windows) are not as well contained than phone so I almost never use hot wallet on my computer. Often users are tricked to sign transactions to get stolen but I think if the wallet is unlocked a malware with the right privileges/permissions could easily steals money.

by reading some file in the computer Aren't Steam games always executable for Windows?

[–] Wispy2891@lemmy.world 18 points 3 days ago (2 children)

I’ll be the asshole: why the fake money wasn’t immediately converted to real money giving directly the exchange address instead of a locally hosted wallet? Except bitcoin all the shitcoins are devaluating in real time

[–] CrackedLinuxISO@lemmy.dbzer0.com 7 points 2 days ago (2 children)

With meme coins, the liquidity is dogshit. There's no real market for sale.

If you sell the tokens piece-by-piece as you get them, you drive down the future price and might get less real money overall. Better to sell a big chunk at once.

Also, not every exchange has a wallet/custody system. It's entirely possible for direct p2p trades to happen without any intermediate transfers. I don't know if pump.fun actually does this.

load more comments (2 replies)
load more comments (1 replies)
[–] skozzii@lemmy.ca 47 points 3 days ago

America is the only country where this could occur, look yourself in the mirror....

[–] ampersandrew@lemmy.world 153 points 4 days ago (9 children)

This headline feels like a trap. Yes, Valve is the arbiter of what passes through the Steam store. Part of that involves checking for malware which, while their record isn't flawless, they've let very little of it through given the sheer volume of games published to Steam every year. The consequences were terrible here, and I hope that can be rectified somehow. But the implication of this is that Valve makes this sort of error all the time through their "incompetence", which they don't, and the point of phrasing it this way seems to be to call anyone stating otherwise some kind of defender of a multibillion dollar company. It seems like a far better use of everyone's time to be mad at the scammer here. Supporting and profiting from child gambling via Counter-Strike is a much better reason to be mad at Valve than the mistakes or other gaps in their vetting process that will be slightly tighter as a result of this mishap.

load more comments (9 replies)
[–] chicken@lemmy.dbzer0.com 62 points 3 days ago (4 children)

At this point people should not keep substantial amounts of crypto on their main PC anymore. Either get a hardware wallet or an old smartphone or other device to dedicate to that purpose and not install anything else on it.

[–] BuboScandiacus@mander.xyz 7 points 2 days ago (1 children)

old smartphone

Please don't use a device without security updates and a shitton of known vulnerabilities as your wallet

load more comments (1 replies)
[–] bigboismith@lemmy.world 24 points 3 days ago (5 children)

Yeah, like 100% not to victim blame, but that is what not to do 101

load more comments (5 replies)
load more comments (2 replies)
[–] ryathal@sh.itjust.works 80 points 4 days ago (54 children)

This seems way too hostile to valve for what this really was.

load more comments (54 replies)
[–] trk@aussie.zone 36 points 4 days ago (1 children)

Oh crypto, can't you go five minutes without being a scam?

... How long was that?

[–] otp@sh.itjust.works 21 points 3 days ago (5 children)

This isn't a problem of crypto being a scam. The scam was a video game in this case.

If someone hides $30k in cash in their home, gets robbed, then the robber spends it all and dies penniless? The victim won't get their money back. Same as this victim.

That'd make cash just as much of a scam as crypto in these two scenarios.

load more comments (5 replies)
[–] MyOpinion@lemmy.today 38 points 4 days ago (1 children)

Crapto is a total scam. Stop putting your money into this damn Ponzi scheme.

load more comments (1 replies)
load more comments
view more: next ›