Threat actors are exploiting major Counter-Strike 2 (CS2) competitions, like IEM Katowice 2025 and PGL Cluj-Napoca 2025, to defraud gamers and steal their Steam accounts and cryptocurrency.
Although CS2 first launched 13 years ago, it still maintains a massive community of plays and an active professional competition landscape with multi-million rewards.
Characteristically, earlier this month, CS2 achieved a new peak player count of over 1.7 million concurrent players on Steam.
CS2 streamjacking campaign
A malicious “Streamjacking” campaign was spotted by Bitdefender Labs, targeting the gaming community by impersonating popular CS2 players.
The security firm warns that the threat actors impersonate professional CS2 players like s1mple, NiKo, and donk in live streams on YouTube, promoting fake CS2 skin and cryptocurrency giveaways.
Source: Bitdefender
The channels that promote these scams are hijacked legitimate YouTube accounts, which the scammers rebrand as needed to impersonate professional players.
What they show in these livestreams is loops of old gameplay footage, making it appear live to anyone who hasn’t watched them before.
QR codes or links on these videos direct viewers to malicious websites where they are requested to log in with their Steam account, supposedly to claim their gifts or send cryptocurrency to receive double in return.
“Once logged in, victims unknowingly grant access to scammers, allowing them to steal valuable skins and items. If cryptocurrency is sent, it is immediately transferred to scammer-controlled wallets,” explains BitDefender.
Bitdefender says these scams often use names of legitimate platforms like CS.MONEY or esports sponsorships to further enhance the deception.
Source: Bitdefender
How to stay safe
Gamers should be wary of these scams circulating on YouTube and possibly elsewhere, and they should verify claimed affiliations with official esports organizations before entering any sensitive info on websites.
Promises to double or triple crypto assets by first sending some are always scams, with no exceptions.
To keep Steam accounts safe, all users should activate multi-factor authentication (MFA), enable ‘Steam Guard Mobile Authenticator,’ and regularly review login activity for suspicious sign-ins.
On YouTube, only watch videos from official pro player accounts that you have subscribed to, and be suspicious when you see the same players live-stream on other, even similarly named channels.
Remember that even legitimate YouTube channels can be hijacked to promote scams, so no giveaways should be blindly trusted.