Hacker Drains Cancer Patient’s $32K Treatment Fund Through Fake Steam Game, Outraged Community Hunts Him Down and Restores the Loss
Published
- Targeted theft: A hacker drained $32,000 in cryptocurrency from a stage 4 cancer patient, specifically targeting funds for medical treatment.
- Community support: The crypto community responded by donating funds, with one user contributing $30,000 to help the victim.
- Hacker investigation: A volunteer group of cybersecurity experts located the drainer infrastructure, identified other victims, and reportedly doxed the hacker.
A stage 4 cancer patient known online as "Rastaland" was targeted by a malicious crypto theft. The attack, which drained approximately $32,000 intended for medical treatment, has sparked a significant and multifaceted response from community members, including large-scale donations and a volunteer-led hacker investigation.
The Volunteer Hacker Investigation
A decentralized group of cybersecurity professionals and OSINT (open-source intelligence) specialists launched an independent investigation into the spearphishing cryptodrainer disguised as a paid video game demo.
The game, reportedly Block Blasters on Steam, contained a .bat file searching for browser credentials and crypto wallets. The malware itself was flagged across relevant security platforms, and the malicious game has been removed from Steam – after Valve had been receiving over 100 user reports about the malicious game.
The team successfully traced the attack back to its source, identifying the specific malware and associated infrastructure used in the theft, as the attacker’s Telegram credentials were exposed in plain text in their drainer.
By analyzing the malware infrastructure, the volunteers were able to extract data on other individuals who had been compromised by the same scheme and intend to notify them.
Vx Underground reported reverse engineering the malware with help from other people, accidentally pulling the attackers’ infrastructure and “all 907” victim logs.
The investigation further delved into the identities of the perpetrators. By cross-referencing information from Telegram and Steam IDs linked to the hackers, the group was reportedly able to dox the individuals responsible for the attack.
Some reports say OSINT investigators tracked down the scammer who drained a cancer patient’s treatment fund to be an Argentine immigrant in the U.S. and reported him to ICE.
This demonstrates a community-driven approach to cyber justice, using collective technical skills to unmask threat actors and aid victims.
The Crypto Theft and Financial Response
The incident began when the victim discovered their crypto wallet had been drained of $32,000. These funds were reportedly designated for the patient's ongoing cancer treatments. News of the theft spread rapidly across social media platforms, drawing outrage from the community.
In a powerful show of support, users began organizing to assist the victim. A prominent community member, ZssBecker, reportedly donated $30,000 to help replenish the stolen funds, with other users contributing to the effort.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular