Hey, Valve—what’s going on over there? Between banning adult games and ignoring requests for a new Steam Deck, something much more serious is slipping through the cracks. For the third time in 2025, a game on Steam has been found distributing malware. This isn’t just a one-off—it’s becoming a troubling pattern that’s starting to shake the trust users place in the platform.
According to cybersecurity firm Prodaft (via BleepingComputer), the latest incident involves Chemia, a post-apocalyptic crafting game that’s been listed on the Steam storefront for over a year. Unlike earlier cases, this doesn’t appear to be a fake title uploaded purely to deliver malware. Instead, researchers believe a known hacker managed to compromise the game files directly, injecting them with two spyware packages—HijackLoader and Fickle Stealer—on July 22nd. These packages were remotely added, with the intent of being delivered to players through legitimate-looking downloads via Steam.
What’s more unsettling is that Chemia is still live on Steam, available through the Playtest system—a kind of invite-based beta feature. The game has no official release date, no user reviews, and virtually no visibility, so it’s unclear how many users have actually been infected. However, the precedent this sets is what really matters.
This follows two similar incidents earlier this year. In February, PirateFi was caught spreading malware. A month later, it was Sniper: Phantom’s Resolution. Both were clearly fake games, full of stolen assets and designed solely to infect users. Valve pulled them quickly, but with Chemia, the situation is more complex. It had been sitting on Steam for 15 months, suggesting that this time, the developer—Aether Forge Studios, with no other known projects—may have been hacked, and their Steam backend compromised.
It’s a stark reminder that even seemingly safe platforms like Steam aren’t immune to exploitation. As Valve continues to focus on content moderation and hardware ambitions, it might be time to take a harder look at store security and vetting practices before trust begins to erode.
