The FBI arrested 21-year-old Zyaire Wilkins of North Lauderdale, Florida, over a scheme that embedded malware in eight published Steam games, infecting roughly 8,000 devices and draining about $220,000 from roughly 80 crypto wallets between May 2024 and February 2026. These weren't pirated files or shady torrents — they were real games with real Steam store pages: BlockBlasters, Dashverse, Lampy, Lunara, and PirateFi among them.

~8,000

Devices infected

~80

Wallets drained

$220,000+

Amount stolen

8 published Steam titles

Games used

legitimate store listings, not pirated software

How they actually got caught

Investigators traced the stolen Bitcoin to more than 150 gift cards — most of them spent on Uber Eats. An oddly mundane trail connected anonymous crypto theft to a real identity: laundering stolen funds through everyday small purchases leaves exactly the kind of pattern investigators are built to find, even when the theft itself is sophisticated.

Why "only download from Steam" wasn't enough here

This scheme specifically defeats the standard advice, because the games were legitimately published on Steam's official storefront — not sideloaded, not pirated. The conspirators promoted them across Discord, Telegram, X, and LinkedIn, and used bots to identify and directly message users with visible large crypto holdings. The attack vector here was social engineering plus platform trust, not a technical exploit in Steam itself.

Wilkins faces up to 10 years in prison if convicted. The games in question have presumably been pulled — but the underlying technique, a legitimate-looking storefront presence used as a trust exploit, isn't unique to Steam, and won't be the last time it shows up.