On Monday Valve pulled an indie game from its digital games marketplace, Steam, that was allegedly a front for a cryptocurrency mining operation. The game, called Abstracticism, allegedly hijacked players’ computers and used them to mine cryptocurrency.
The scam is known as “cryptojacking”; when hackers force a victim’s computer to dedicate resources to guessing the correct value that validates a block of cryptocurrency transaction data. This process is extremely resource-intensive and can lead to overheating and slowdowns. Cryptocurrency mining can be lucrative as miners are rewarded with digital coins, which scammers receive without having to buy their own computers to do the mining with.
Players allege that the developers also used the game to generate counterfeit digital items it used to scam unsuspecting customers.
Developer Okalo Union and publisher dead.team released Abstractism on Steam on March 15. In the simple platformer, players move blocks around a 2D space while soothing music plays. “[It’s] an absolutely trivial platformer, but the only really special feature—there is ‘Game over!’ But instead, there is an ASMR soundtrack, a stylish minimalistic design and a relaxing atmosphere inside!” says the poorly-worded official description. There were some immediate red flags: for one, the developers incentivized players to leave the game running even when not in use with the promise of rare items.
On Sunday, YouTuber SidAlpha broke down Abstractism’s elaborate scam in a video. He learned about the game when a fan reached out to tell him they’d been taken in when they tried to buy a $100 golden rocket launcher for the game Team Fortress 2 via a third party site. Apparently, the scammer had sold them an item for Abstractism that used the same name and art as the golden rocket launcher, but would never work in Team Fortress 2.
SidAlpha and other internet sleuths—one as early as July 13—dug around and noticed that running the small indie game hogged system resources, triggered Windows Defender alerts, and tripped anti-virus software. The source of the resource-hogging and malware alerts, they believed, was malicious software embedded in the game that allegedly hijacked their machines and looped them into a cryptocurrency mining operation.
In an update to the game posted on July 23, dead.team used its patch notes to deny it was mining cryptocurrency. “Abstractism Launcher and Abstractism Inventory Service are not Bitcoin miner (and are not Monero miner too, honestly),” the patch notes said, referring to two executables the game runs. “These apps are required to connect to the Steam and grant items to your inventory.”
On Monday, July 30, Valve removed the game from Steam. “We have removed Abstractism and banned its developer from Steam for shipping unauthorized code, trolling with content, and scamming customers with deceptive in-game items,” a Valve spokesperson told me in an email. Valve didn’t speak to the nature of the unauthorized code and didn’t respond to questions about it being cryptocurrency mining software.
“There’s been a couple of instances in the past where there’s been a crypto miner or some form of virus [in a Steam game] but that’s been extremely rare,” SidAlpha told me via Skype. Last year, a scammer duped players of the popular game Fortnite into downloading cryptocurrency mining malware disguised as cheats for the game.
Cryptocurrency mining was only one of dead.team’s revenue streams. Abstractism also generated counterfeit digital items—such as the faux golden rocket launcher for Team Fortress 2—that users could sell on grey market websites for a huge profit. Rare Team Fortress 2 and Dota 2 items can sell for hundreds of dollars and Abstractism generated digital goods that looked like the real thing, but did absolutely nothing.
Selling counterfeit digital goods on the grey market is an updated version of an old scam involving Steam’s digital trading cards. Valve cracked down on the old scammers, but as Abstractism seems to show, they might have found a new way to make money.
“This underscores one of the fatal flaws in how Steam handles its marketplace,” SidAlpha said. “A game like this has an infinitely repeatable digital item that can be sold and traded for real world money. Without some form of regulatory action then we will absolutely see more of this kind of thing.”
Between the alleged cryptocurrency mining operation and the counterfeit goods, there’s no telling how much cash dead.team and Okla Union made before Valve pulled the plug on Abstractism. According to Steampsy—a site that mines information about Steam games—around 6,000 users had downloaded the game and digital items were added a week ago.
Listen to our podcast about the world’s greatest mysteries that were solved by science.