An undisclosed number of Twitch users have been hit with phishing attempts while using Twitch’s chat windows.
The gaming broadcast service’s support team has warned users via Twitter that they should not click links labeled “csgoprize” if they appear in stream chats, because the links lead to the installation of malware on the user’s system designed to steal the user’s Steam login information.
While Twitch has not disclosed the number of users affected by the scam, they have stated that they are working on blocking that link. However, they do warn users to be on the lookout for similar attempts in the future, and to always use caution when clicking links in chat.
For broadcasters who are looking for a way to prevent these issues from arising on their stream chats, there is an option in Twitch’s Channel and Video Settings called “Block Hyperlinks,” which will prevent viewers from posting any links to other users.
Update 9/16/2014: The Finnish security firm F-Secure Labs, which discovered the malicious software, has dubbed it Eskimo, and warns that clicking the link labeled “csgoprize” leads to a java application that claims to offer a prize for the popular first-person shooter Counter-Strike: Global Offensive. When the user enters their name and e-mail address, granting permission to publish their name as a winner in the raffle, their computer is infected with the rogue software, which steals access to the user’s steam account. Twitch, owned by Amazon, now claims that only one user has come forward as having been affected by the malware, and that they do not believe it to be a widespread issue; however, they still advise caution when clicking links from unfamilar sources in Twitch chat.
Don’t be tempted by links promising gifts in your favorite games.
