India, March 24 -- Steam got used to delivering malware. A game called Sniper: Phantom's Resolution, which looked legit, contained malware that stole user data. Weeks after, another Steam game, PirateFi, was found to be spreading Vidar infostealer malware to 1,500 people. What's going on with game marketplaces and vulnerabilities that cybercriminals can exploit?

In this attack, cybercriminals use Steam's submission process to upload legit infected games. Here's how it works:

* Disguised as a Game Demo-The infected files are hosted on "Steam's store," so it will look like a demo game.

* Advanced Obfuscation-The code hides itself in the installer as a regular Windows activity.

* Persistence Mechanisms-Once on the victim's machine, malwa...