If you’ve downloaded smaller or unfamiliar games on Steam over the past couple of years, this is one of those stories worth paying attention to.
The FBI has officially launched an investigation into a malware campaign involving several PC games distributed through Steam, with the agency now actively asking affected players to come forward.
FBI Confirms Steam Malware Investigation
According to a public notice from the FBI’s Seattle Division, multiple games hosted on Steam were found to contain hidden malware rather than just functioning as normal titles.
The agency believes the campaign targeted users between May 2024 and January 2026, suggesting this wasn’t a one-off incident, but something that ran quietly for a long stretch of time.
Gamers who may have downloaded any of the affected titles are now being asked to submit information through an official FBI form, as part of efforts to identify victims and track down whoever is responsible.
List Of Suspected Infected Steam Games
The investigation has already identified several games believed to be tied to the malware campaign. These include:
- BlockBlasters
- Chemia
- Dashverse / DashFPS
- Lampy
- Lunara
- PirateFi
- Tokenova
Some of these titles were previously removed from Steam, including Chemia and PirateFi, after being flagged for containing malicious software.
What’s particularly concerning is that these games appeared legitimate on the surface, meaning players could install and run them normally while malware was quietly deployed in the background.
What The Malware Was Doing
While the FBI hasn’t disclosed full technical details yet, reports indicate the malware used in these cases may have included infostealers.
That type of malware is designed to extract sensitive data, including passwords, login credentials, and even cryptocurrency wallet access. In some cases, it can also install additional software without the user noticing.
The FBI is specifically asking victims whether they lost money, and whether any crypto wallets or bank accounts may have been compromised, which hints at financial theft being a key part of the operation.
Investigators are also interested in whether players were contacted before or after downloading the games, which could point to social engineering tactics alongside the infected downloads.
Steam’s Scale Makes This A Bigger Issue
Steam remains the largest PC gaming platform in the world, with over 132 million monthly active users and more than 117,000 games available as of 2025.
That scale is part of the problem here. Even with platform moderation, it creates opportunities for malicious actors to slip through with smaller or less-visible titles.
At the time of writing, Valve has not publicly responded to requests for comment on the FBI investigation.
Malware Targeting Gamers Isn’t New
This isn’t the first time gamers have been targeted through downloads tied to popular platforms or franchises.
Back in 2023, a fan-made Super Mario game was found to contain malware capable of stealing passwords and hijacking crypto wallets.
In March 2024, cybersecurity group VX Underground warned that players searching for Call of Duty cheat software were being exposed to malware that could drain Bitcoin wallets, with potentially millions of accounts at risk.
More recently, Kaspersky identified infostealer malware hidden inside pirated mods for Roblox and other games.
There’s also been a rise in phishing attacks using fake Steam messages, including claims about suspicious logins or fake gift card rewards, designed to trick users into handing over their credentials.
What Players Should Do Right Now
The FBI is urging anyone who downloaded the listed games, or suspects they may have been affected, to report it through their official contact channel, “steam_Malware@fbi.gov”.
Submitting information is voluntary, but the agency notes it may help victims access support, restitution, or legal protections. All identities will be kept confidential.
If you’ve installed any of the named titles, it’s worth running a full system scan, changing passwords, and checking financial accounts for unusual activity.
As this investigation develops, it’s likely we’ll learn more about how the malware worked and how it got past Steam’s safeguards, which could have wider implications for how digital storefronts handle security going forward.