CS2 players’ Steam accounts targeted by a BitB phishing campaign

March 27, 2025

A new phishing campaign is targeting CS2 players by using Browser-in-the-Browser (BitB) attacks. Reports revealed that the campaign can display a realistic window resembling Steam’s login page.

The attackers impersonate the Ukrainian e-sports team Navi, using the well-known brand to win fans' trust and make the phishing page more convincing.

BitB is a phishing framework that allows threat actors to create realistic-looking popup windows.

The phishing operators used the BitB technique to generate realistic-looking popup windows, with configurable address bar URLs and titles, inside another browser window.

Essentially, this phishing technique draws phoney browser windows inside genuine browser windows to present login pages or other realistic forms, with the aim of stealing users’ passwords or intercepting one-time MFA passcodes.

Earlier this month, researchers discovered a campaign in which threat actors used YouTube videos and possibly other promotion channels to direct potential victims to phishing sites. These sites use the same IP address, indicating that a single attacker or gang is operating the campaign.

These websites promise a free CS2 loot case with new skins. As of now, at least seven fraudulent websites offer these CS2 in-game items.

To claim the gift, individuals must verify their Steam account through an impersonated Steam login prompt. The attackers used the BitB technique to display a fake login window that mimicked Steam’s official URL and interface inside the active window, giving the impression that it was a popup when it was not.

Researchers noted that these fake windows are not resizable and cannot be dragged outside the active window, but users who do not interact with them in these ways may not suspect anything malicious.
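The weakness described above, where the fake window and its "address bar" are ordinary page content, can be turned into a detection heuristic. The following is an added example, not code from the researchers' report; the simplified node shape, the host `free-cases.example` and the sample page are constructed for illustration.

```javascript
// Heuristic: a genuine popup shows its URL in browser chrome, never in page
// content. Node shape {tag, text, attrs, children} is assumed for this sketch.
const URL_LIKE = /\b(?:https?:\/\/)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:\/\S*)?/i;

// Collect host names that appear as visible text anywhere under a node.
function displayedHosts(node, out = []) {
  const m = node.text && node.text.match(URL_LIKE);
  if (m) out.push(m[1].toLowerCase());
  (node.children || []).forEach((c) => displayedHosts(c, out));
  return out;
}

function hasPasswordField(node) {
  if (node.tag === "input" && (node.attrs || {}).type === "password") return true;
  return (node.children || []).some(hasPasswordField);
}

// Report the innermost container that holds a password field and also
// renders a URL whose host is not the page's own host or a subdomain of it.
function findFakeWindows(root, pageHost, hits = []) {
  for (const child of root.children || []) {
    if (!hasPasswordField(child)) continue;
    const foreign = displayedHosts(child).filter(
      (h) => h !== pageHost && !h.endsWith("." + pageHost)
    );
    const before = hits.length;
    findFakeWindows(child, pageHost, hits); // prefer a deeper match
    if (foreign.length && hits.length === before) {
      hits.push({ id: (child.attrs || {}).id, foreign });
    }
  }
  return hits;
}

// Constructed sample: a giveaway page drawing a fake "Steam" window in a div.
const samplePage = { tag: "body", children: [
  { tag: "h1", text: "Claim your free case" },
  { tag: "div", attrs: { id: "login-window" }, children: [
    { tag: "div", text: "https://steamcommunity.com/openid/login" },
    { tag: "form", children: [
      { tag: "input", attrs: { type: "text" } },
      { tag: "input", attrs: { type: "password" } } ] } ] } ] };

console.log(findFakeWindows(samplePage, "free-cases.example"));
```

In a browser extension the same walk would run over real DOM elements with `location.hostname` as the page host; pages that legitimately print third-party URLs next to a login form will need an allowlist.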

These attacks are designed to hijack Steam accounts and resell them on specialised grey markets for thousands of dollars, depending on the account’s game collection and in-game items.

Despite having been around for many years, Counter-Strike 2 remains a massive online game with millions of players and professional esports teams. Threat actors have therefore been using popular pro teams and pro-level competitions to phish Steam accounts, endangering every gamer around the world.