Back

Malware Disguised as Free Steam Game 'Beyond the Dark' Targets Users

Severity: High (Score: 69.0)

Sources: Invenglobal, Gamingbible

Published: 2026-05-20 · Updated: 2026-05-21

Keywords: steam, users, free, game, malware, beware, games

Severity indicators: pla, malware

Summary

The indie game 'Beyond the Dark,' released on Steam, was found to contain malware that steals user data. Exposed by YouTuber Eric Parker, the game masqueraded as a horror title but was actually an asset flip designed to distribute malicious software. The malware, hidden in a DLL file, targets cryptocurrency wallet information and Roblox account credentials. Users reported that the game was unstable and often crashed, but the malware continued to run in the background. Following the exposé, Valve removed the game from its platform to prevent further downloads. This incident follows a previous malware distribution through a free game on Steam in September 2025, highlighting ongoing security risks associated with free indie games. Users are advised to exercise caution when downloading free games, especially those that appear hastily made or use AI-generated assets. Key Points: • The game 'Beyond the Dark' was used to distribute malware targeting user data. • Malware was hidden in a DLL file and aimed at stealing cryptocurrency and Roblox credentials. • Valve quickly removed the game from Steam following the exposure by a tech YouTuber.

Detailed Analysis

**Impact** Users of the Steam platform who downloaded the free game "Beyond the Dark" were affected. The malware targeted cryptocurrency wallet information and Roblox account credentials, putting financial and gaming accounts at risk. The incident follows a similar malware distribution via a free Steam game in September 2025 that resulted in approximately $150,000 in cryptocurrency theft. The geographic scope is global, given Steam’s worldwide user base. **Technical Details** The attack vector was a free Steam game that contained malware hidden in a DLL file named UnityPlayer.dll, which executed upon game launch. The malware included backdoor functionality to download additional malicious software and targeted saved passwords and cryptocurrency-related browser extensions. The game was an asset flip, repurposing commercial assets to evade suspicion. No specific CVEs or infrastructure details were provided. **Recommended Response** Users should immediately uninstall "Beyond the Dark" and run a full antivirus and anti-malware scan. Steam users must exercise caution when downloading free games, especially those with inconsistent descriptions or AI-generated assets. Security teams should monitor for the presence of UnityPlayer.dll running unexpectedly and review logs for unauthorized data exfiltration attempts. Valve and other platform operators should enhance screening processes for free game submissions to prevent similar incidents.

Source articles (2)

  • This Free Steam Game Tricks Players Into Downloading Malware, Users Beware — Gamingbible · 2026-05-20
    Steam users must beware hacked games posing as freebies, when in reality they hide malware looking to steal your information. Those looking for free PC games should often look no further than Steam ,…
  • "I thought it was a Steam game"... Malicious code found planted on users' PCs — Invenglobal · 2026-05-19
    News has recently surfaced that 'Beyond the Dark,' an indie game distributed for free on the global PC gaming platform Steam, was being used to plant malware on users' computers. Released on December…

Timeline

  • 2024-12-29 — Release of 'Beyond the Dark' on Steam: 'Beyond the Dark' launched as a free indie game, initially appearing to be a horror title.
  • 2025-09-01 — Previous malware incident on Steam: A free game called 'Blockbusters' was used to spread malware, resulting in significant cryptocurrency theft.
  • 2026-05-18 — YouTuber exposes malware in 'Beyond the Dark': Eric Parker released a video detailing how the game was an asset flip designed to distribute malware.
  • 2026-05-19 — Valve removes 'Beyond the Dark' from Steam: Following the exposé, Valve acted swiftly to block downloads of the malicious game.
  • 2026-05-20 — Gamingbible reports on the malware incident: Gamingbible published an article warning users about the malware and the importance of caution when downloading free games.

Related entities

  • Data Breach (Attack Type)
  • Malware (Attack Type)
  • China (Country)
  • Kazakhstan (Country)
  • UnityPlayer.dll (Malware)
  • T1105 - Ingress Tool Transfer (Mitre Attack)
  • Roblox (Company)
  • Steam (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed