The FBI has recently initiated an investigation into a series of malware threats that have been circulating through PC games available on Steam. This alert, issued by the agency’s Seattle division, encourages potential victims to reach out for assistance. The FBI specifically invites individuals who may have been affected, including minors, to complete a brief form to aid in the investigation.
Identified Threats and Games
Between May 2024 and January 2026, a hacker primarily targeted Steam users, leading to the identification of several games associated with malware. The titles under scrutiny include:
- BlockBlasters
- Chemia
- Dashverse / DashFPS
- Lampy
- Lunara
- PirateFi
- Tokenova
Each of these games has been previously linked to malware incidents. For instance, the free-to-play game PirateFi, which launched in beta in February 2025, was reportedly designed to steal browser cookies and hijack user accounts. Similarly, in July 2025, a cybersecurity vendor raised alarms about Chemia, which was found to update itself with malicious software. Furthermore, the release of BlockBlasters in September 2025 was particularly concerning, as it was identified as a Trojan that siphoned approximately 0,000 in cryptocurrency from unsuspecting victims.
Adding to the urgency of the situation, the FBI’s alert also highlights Lampy, a game that has recently come to their attention for potentially harboring malware. Currently available on Steam, it remains unclear whether this alert pertains to Lampy specifically or a similarly named title that has since been removed from the platform.
Community Response and Company Actions
Valve, the parent company of Steam, based in Bellevue, Washington, has yet to respond to inquiries regarding the situation. However, the company has previously issued warnings to users who downloaded the affected games, including DashFPS. In addition, gaming forums have seen users raising concerns about Lunara and Tokenova, further amplifying the community’s awareness of these threats.
The FBI’s investigation suggests that these malware threats may be linked to a singular group or individual. Notably, all the games involved are indie titles that might not be widely recognized among PC users. To lure potential victims into downloading these games, reports indicate that users received enticing messages via the messaging app Telegram, offering free keys for game trials or even freelance job opportunities to moderate the games. The promotion of BlockBlasters was particularly aggressive, with the attacker reportedly reaching out to cryptocurrency holders to encourage them to try the game as part of a paid promotion.
