Free Steam Game Beyond The Dark Removed After Malware Was Found Stealing Passwords and Crypto Data
A free Steam game called Beyond The Dark has been removed from the platform after it was discovered to contain credential-stealing malware. The game, which reportedly crashed for many users shortly after launch, was still able to run malicious activity in the background, putting players’ passwords, browser data, and cryptocurrency wallets at risk.
The situation has raised fresh concerns about malware hidden inside Steam games, especially when attackers compromise existing developer accounts and use them to push infected updates or replace older game files.
Beyond The Dark did not begin as the game players saw on Steam. According to the findings shared by security-focused creator Eric Parker, a previously existing Steam developer account appears to have been hijacked. The original project, known as Rodent Race, was replaced with a completely different title, new screenshots, and altered game files.
The store page itself showed several warning signs. While the screenshots suggested a survival horror experience, the description reportedly referred to the game as a “turn-based strategy game inspired by chess.” The mismatch made the page look rushed, inconsistent, and likely assembled with low-effort or AI-generated material.
The real danger was hidden inside a file named UnityPlayer.dll. That name is commonly associated with Unity Engine games, which made it look like a normal part of the installation. However, in this case, the file was reportedly spoofed and used to hide malware.
Once the game was launched, it often crashed, which may have made some users think it was simply broken. But behind the scenes, the malicious component continued running. It connected to a remote server and downloaded additional tools designed to steal sensitive information from the infected system.
The malware was reportedly capable of targeting saved browser data, login credentials, passwords, and cryptocurrency wallet information. For anyone who installed and ran Beyond The Dark, the risk was not limited to Steam account security. Email accounts, banking-related logins, browser-stored passwords, and crypto wallets may also have been exposed.
Valve removed Beyond The Dark from Steam after the malware behavior was publicly documented. However, the case highlights a larger problem: malicious games on Steam are becoming more frequent, and some attackers are finding ways to bypass early checks.
This is not an isolated incident. The FBI launched a formal investigation in March 2026 into several Steam games allegedly used to distribute malware, with incidents reportedly dating back to 2024. Games named in connection with this wider wave include Chemia, PirateFi, Tokenova, BlockBasters, and others.
Many of these cases appear to focus on cryptocurrency theft. In one reported incident, malware linked to a Steam game was used to steal around $32,000 in cancer donations from a streamer. That case helped draw more attention to the growing threat of game-based malware targeting creators, gamers, and crypto users.
One reason this problem is difficult to stop is the massive number of games and updates submitted to Steam. Even if a game passes an initial review, attackers may later introduce malware through a post-launch update. If a developer account is compromised, a trusted or previously harmless game can suddenly become dangerous without players realizing anything has changed.
For players, Beyond The Dark is a reminder that free games are not automatically safe just because they appear on a major storefront. Suspicious store pages, inconsistent descriptions, poor-quality screenshots, sudden name changes, and games that crash immediately after launch can all be red flags.
Anyone who downloaded and launched Beyond The Dark should take action immediately. Delete the game from your system, then run a full antivirus or anti-malware scan using a trusted security tool. After that, change passwords for your email, Steam account, browser-saved logins, financial accounts, and any cryptocurrency-related services.
If you had a crypto wallet on the same device, consider moving remaining funds to a new wallet created on a clean and secure device. Also check your browser extensions, startup programs, and recently modified files for anything unusual.
Steam remains one of the biggest gaming platforms in the world, but this incident shows that players still need to stay alert. Malware hidden in games is no longer a rare trick. As attackers continue targeting gaming communities, users should treat unexpected crashes, strange game pages, and unknown free titles with caution.
