This free Steam game kept crashing on launch, but was actually robbing users in the background

Beyond The Dark has now been taken down from Steam, since its malware status was publicized on YouTube.

A hijacked Steam game, Beyond The Dark, was found hiding credential-stealing malware in a spoofed UnityPlayer.dll. Valve removed it after a researcher's exposé — it's the latest case in an FBI-investigated wave of malware games on Steam.

Anubhav Sharma, Published 05/19/2026

Gaming Security

A free Steam game called Beyond The Dark was quietly stealing passwords, browser data, and cryptocurrency from players before Valve pulled it on May 19. But what makes this case important isn't just the malware — it's how it got there, and how common this practice has become on Steam.

The game originally had nothing to do with horror. A malicious actor hijacked an existing Steam developer's account — a simple title called Rodent Race — and replaced the name, screenshots, and game files entirely. They basically exploited Steam's lack of update verification. The store page was a huge mess of contradictions: survival horror screenshots, but a description calling it a "turn-based strategy game inspired by chess." All of it appeared to be hastily AI-generated assets.

How the malware worked:

The payload was buried inside a file called UnityPlayer.dll — a legitimate Unity engine component — which made it easy to overlook. The game would often crash on launch, but the malware kept running in the background. It connected to a remote server and downloaded tools to steal passwords, browser data, and crypto wallet credentials.

Who caught it:

YouTuber Eric Parker published a video (see above) breaking down the malware's behavior, which prompted Valve to remove the game entirely.

The bigger picture:

This isn't a one-off. The FBI launched a formal investigation in March 2026 into multiple malware-embedded Steam games going back to 2024, naming titles including Chemia, PirateFi, Tokenova, BlockBasters, and others — most of them targeted crypto wallets, with one case exfiltrating $32,000 in cancer donations from a streamer (read more about that here). The frequency of these incidents has only increased despite Valve's efforts, likely because the sheer volume of new releases overwhelms the vetting system . In some cases, malware is introduced via post-launch updates that bypass initial checks.

If you ran it:

You should delete the game ASAP, run a full AV scan (Malwarebytes or Bitdefender), change passwords for email, browsers, and any crypto accounts, and move remaining wallet funds to a fresh wallet on a clean device.

Source(s)

Eric Parker - Youtube via @Pirat_Nation, Steam

⟨

Virtuos wants to port GTA V, Red Dead Redemption 2 to Nintendo Switch 2 after L.A. Noire success

Add as a preferred source on Google

Loading Comments

Comment on this article

Anubhav Sharma - Tech Writer - 1599 articles published on Notebookcheck since 2024

Most of my time goes into writing - and somehow it hasn’t stopped being fun yet. My work mainly revolves around everyday tech, gaming, watches, DIY modding, and the occasional piece on tech-policy chaos when companies and governments clash. I try to keep things simple and honest, without sounding like a product brochure. I have a Bachelor’s degree in Computer Science Engineering and an Associate Degree in English Studies from the College of New Caledonia in British Columbia, Canada. Away from articles and deadlines, life usually shifts to making music, taking photos, or trying to finish games that should have been completed months ago.

contact me via: @lottamuzic, LinkedIn

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 05 > This free Steam game kept crashing on launch, but was actually robbing users in the background

Anubhav Sharma, 2026-05-19 (Update: 2026-05-19)

How the malware worked:

Who caught it:

The bigger picture:

If you ran it:

Source(s)

Related Articles