Feds arrest Florida man over $220K Steam crypto malware scheme
Federal authorities have arrested a Florida man for allegedly using video games on Valve's Steam platform to steal $220,000 in cryptocurrency, exposing a targeted cybersecurity threat to digital asset holders.
Federal agents arrested 21-year-old Zyaire Wilkins on Tuesday, charging him with conspiracy to obtain information by computer for private financial gain. An FBI complaint alleges Wilkins helped distribute malware through online video games to break into roughly 80 cryptocurrency wallets and steal at least $220,000 between May 2024 and February 2026.
The operation relied on a highly targeted approach rather than mass phishing. The group marketed eight infected games across Discord, Telegram, X and LinkedIn, deploying bots to identify users with substantial crypto holdings. Victims were then nudged to download the titles, which harvested login credentials and private data to unlock their digital asset accounts.
While the FBI complaint refers only to a "popular digital distribution software company," the listed games—PirateFi, BlockBlasters, Dashverse and Lunara—match titles flagged in a prior public Steam malware investigation. The case is being prosecuted in Seattle, near the Bellevue headquarters of Valve, Steam's owner, highlighting the regulatory and security risks facing mainstream platforms that inadvertently host financial malware.
Investigators traced the stolen Bitcoin to Bitrefill, where it was converted into more than 150 Uber Eats gift cards. A subpoena to Uber linked those deliveries to Wilkins' home and his University of West Florida addresses. When agents searched his North Lauderdale residence last week, they seized devices and three wallet seed phrases, including one for a privacy coin an agent described as "frequently used by criminals" due to its trace resistance.
For market participants, the arrest underscores the evolving sophistication of attacks aimed directly at crypto wealth. Unlike broad phishing campaigns, this scheme weaponized trusted consumer software to pre-vet victims before executing what the conspirators called "draining campaigns." Wilkins allegedly paid $10,000 for a remote access trojan to facilitate these thefts, and a review of his crypto history showed roughly $382,000 moving in and out of his accounts.
The charge represents the first known arrest connected to the FBI's March warning about malicious Steam titles, signaling active federal enforcement against gaming-based crypto theft. One of the games, BlockBlasters, notoriously drained over $32,000 from a streamer during a live cancer-fundraising broadcast last September. Just last month, researchers flagged similar malware hidden in Steam Workshop wallpapers, suggesting the threat vector remains active.
Wilkins faces up to 10 years in prison and is awaiting transfer to Washington state.