The FBI is seeking victims of eight malicious Steam games distributed between May 2024 and January 2026 that contained infostealer malware designed to steal cryptocurrency wallets, credentials, and account access. Notable cases include BlockBlasters (which stole ~$150,000 from 261+ accounts) and Chemia (which distributed HijackLoader and Vidar/Fickle Stealer malware).
Interpol's Operation Synergia III resulted in 94 arrests, seizure of 212 devices, and sinkholing of 45,000 malicious IPs across 72 countries involved in phishing, romance scams, credit card fraud, and identity theft schemes. The operation demonstrates growing international law enforcement coordination, with significant contributions from cybersecurity firms providing threat intelligence on criminal infrastructure.
Threat actor Storm-2561 distributes fake VPN clients from major vendors (Ivanti, Cisco, Fortinet, Sophos, Sonicwall, Check Point, WatchGuard) via SEO poisoning to steal enterprise VPN credentials and configuration data. The malware bundle includes the Hyrax infostealer, creates persistence via RunOnce registry keys, and displays fake login interfaces before redirecting users to legitimate vendor sites to avoid detection.