Kaspersky warns Wallpaper Engine was used to spread malware across millions of users
Researchers at Kaspersky have identified a malware campaign abusing Steam Workshop content for Wallpaper Engine, the famous live and video wallpaper app and Steam’s most popular non-game app, with an estimated of 20 to 50 million installs. Attackers exploited the app’s “application wallpaper” feature, which lets wallpapers run as standalone Windows executable programs, to distribute malicious packages containing EXE files, DLLs, and scripts hidden alongside legitimate wallpaper files.
Some packages also concealed malware inside password-protected archives, with passwords included in archive names or JSON configuration files so scripts could extract the payloads automatically. Reported payloads include the DarkKomet backdoor, Lumma and Vidar infostealers, the RenEngine loader, cryptocurrency miners, and ransomware. Kaspersky says the activity appears to involve several independent criminal groups using similar methods, rather than a single threat actor. Notably, many of the examples shared by the company appeared to feature anime-style female wallpapers, so you may want to double check your system if that’s your vibe.
China accounted for 89% of detected malicious download attempts, with smaller shares in Russia and other countries. Steam already removed the known malicious wallpapers, but new infected packages continue to appear, so all we can do is advise you to be extra careful before applying any application-based wallpapers or, alternatively, choose one of the alternatives we have listed (Personally, I have heard good things about Lively Wallpaper).
- Wallpapers Hub
- Paid
- Proprietary
External links
- Gamers beware: malicious wallpapers on Steam found stealing accountsSecurelist by Kaspersky
- Steam Workshop abused to spread malware via Wallpaper Engine appBleeping Computer
- Popular Steam app Wallpaper Engine hijacked to spread dangerous malware — how to stay safeTom's Guide
- Warning all weebs: Kaspersky says hackers are distributing malware via anime girl wallpapers on Steam Workshop's Wallpaper EnginePC Gamer
- Kaspersky finds malware hidden in Steam Wallpaper Engine that hijacks accounts to spread itself — dozens of malicious packages downloaded tens of thousands of timesTom's Hardware
Comments
I tried Lively Wallpaper (FOSS), which really works fine. But I think that these are apps which are not really needed, less in PC with few sys specs, due to animated Wallpapers waste a lot of RAM, slowing down the performance.
please stop it with the over-hyperly dramatic headlines... you know what it's suggesting. Is this really pulling revenue? on this site?
In what way is this dramatic? It's pretty factual…
My point is that this website can afford to go against mainstream. Like by including the "but..." aka. the catch in the headline. I'm not mad I clicked on this article, I just wish there was more calm / toned down, simple and honest media. It's a bad example though, you're right. But I still think its a question of approach
Calm isn't so correct in an advice of an Malware which may affect an hugh amount of users. It's not a joke and thousends of new malware every day in the web, every advice of new sources is always needed and welcome.