"On Monday, Kaspersky researchers detailed a new "advanced" trojan called "BloodyStealer" that targets users' gaming accounts. The trojan can scrape data from PCs, including passwords, cookies, bank card details, screenshots, and more. It can also steal client sessions from Bethesda, Epic Games, GOG, EA Origin, Steam, Telegram, and VimeWorld. Kaspersky found the malware back in March in an ad on an underground forum."

https://www.techspot.com/news/91463-bloodysteal-advanced-trojan-steals-accounts-most-major-gaming.html

Might want to enable 2FA.

Thanks for the heads up. I already have 2FA and as for the trojan, it's wise for everyone to take a look at what security software they use and ensure everything is protected.

More importantly, never store credit card details on GOG (or other sites that offer the option). It's only if GOG have your CC details stored that this type of malware can actually do financial harm via Galaxy (if it gets bank details, then you're screwed but that's another matter).

Yet this is 2021, and virtual cards are a thing. GOG has my virtual debit card details and I only keep a small amount on it for monthly expenses. Point being, rather than trying to prevent being compromised and sacrificing commodity, assume you can be and prepare for it. The castle's been breached, but the gold is in another keep :P. And the beauty of virtual cards is that you can simply generate a new one if it's been compromised.

“ The trojan can scrape data from PCs, including passwords, cookies, bank card details, screenshots, and more. It can also steal client sessions from Bethesda, Epic Games, GOG, EA Origin, Steam, Telegram, and VimeWorld. Kaspersky found the malware back in March in an ad on an underground forum.”, isn’t that just the definition of both a client and a Trojan?