Valve Software has removed a platform game called Abstractism from its Steam store and refunded customers following complaints that it was shipped with cryptocurrency mining malware.
In a statement today, Doug Lombardi, vice president of marketing at Steam, said: “We have removed Abstractism and banned its developer from Steam for shipping unauthorised code, trolling with content, and scamming customers with deceptive in-game items.”
In the process, SidAlpha claimed to have discovered that the developers behind the game were up to much more than just that.
Abstractism encourages people to keep it running in the background by offering items that can be traded on the Steam store based on the length of time that a player plays the game.
“Games that promise item drops based on the length of time the game has been running, coupled with the game being so simplistic, means that the game’s developers are actively implementing a system that encourages the game to remain open 24/7,” said SidAlpha in the YouTube posting.
These item drops include ‘vintage ban hammers’ and other novelties that can be traded with other Steam gamers.
He continued: “In particular, to have the game open at a specific period of time each week in order to have the developers ‘reset the item drops’.
“This is crucial for two very different but interlinked reasons. The first is that if this is a crypto-miner, which I believe it to be, it would be in the developer’s best interest to make certain that you run this game all day, every day, so they encourage that through the use of item drops.
“Second, they would also need a way to collect the calculated hashes and to distribute new ones, say, through an executable that allows them to run remote commands, like the Steam Service executable.”
More interestingly, perhaps, a post from Matheus Muller, pinned to the top of the comments pile by SidAlpha, confirmed that the game bore all the hallmarks of a cryptocurrency miner.
Muller wrote: “I bought the game, set it up on a virtual machine, and let it run for around twenty minutes. Here are some objective findings, along with my own two cents (TL;DR: yes, it’s a crypto miner):
* The game resource consumption is significant and inconsistent with its graphical quality or complexity;
* The proportion of CPU/GPU/RAM/IO usage is consistent with what you would expect from a crypto miner;
* This resource usage is unrelated to graphical rendering, as it persists even when the game is not being rendered or is being rendered by a separate GPU (this contradicts the developer’s answer that the resource usage is related to high graphical settings);
* The resources used are not only graphical in nature, but include a sizeable amount of disk space which again is not expected from a game of this complexity; but is expected of a crypto miner;
* The game causes a huge amount of network activity, which again is not consistent with the game; but expected of a crypto miner (during the initial miner setup, the blockchain has to be downloaded);
* The game’s network system port usage is as expected of a Monero miner.”
Muller concluded: “There’s no doubt in my mind that this game runs a Monero mining node. Just your (pretty good) description of the facts should be enough for this conclusion, really; I bought and ran the game mostly out of a sense of stunned disbelief…
“The kicker here is that this is just one of the many ways that this game is making money for its developers… I for one do not welcome our new highly optimized, multi-venue money-making overlords.”
The exploitation of Steam by alleged cryptocurrency miners will pose yet another challenge for Valve Software, which has sought to adopt a hands-off approach to its Steam store in order to encourage the widest number of games for the PC, Mac and Linux platforms.