---
title: "FBI charges man over malware hidden in video games that drained crypto wallets"
description: "US prosecutors have charged a 21-year-old Florida man over a scheme that allegedly hid malware inside video games distributed on Steam, infecting thousands of devices and stealing about $220,000 in cryptocurrency. Investigators say they traced him through gift cards spent on food delivery."
category: "Technology"
category_url: https://newsparlor.com/category/technology
author: "James Whitmore"
published: 2026-07-17T16:28:00.000Z
updated: 2026-07-17T16:28:00.000Z
canonical: https://newsparlor.com/article/fbi-steam-games-malware-crypto-theft
tags: ["cybercrime", "cryptocurrency", "malware", "steam", "fbi"]
---
# FBI charges man over malware hidden in video games that drained crypto wallets

US prosecutors have charged a 21-year-old Florida man over a scheme that allegedly hid malware inside video games distributed on Steam, infecting thousands of devices and stealing about $220,000 in cryptocurrency. Investigators say they traced him through gift cards spent on food delivery.

The FBI has arrested and charged a young Florida man over an alleged scheme that concealed malicious software inside video games to steal cryptocurrency from people who downloaded them, in a case that illustrates both the ingenuity of online criminals and the ways investigators can unpick their trails.

Zyaire Wilkins, 21, of North Lauderdale, is [accused of conspiring to hide credential-stealing malware in several games distributed through the Steam platform](https://techcrunch.com/2026/07/17/fbi-arrests-man-accused-of-using-steam-games-to-drain-victims-crypto-wallets/). According to the charges, the infected titles reached around 8,000 devices and were used to steal roughly $220,000 from about 80 cryptocurrency wallets between 2024 and 2026. He is presumed innocent unless proven guilty.

## How the scheme allegedly worked

The games, which prosecutors say were promoted across platforms including Discord, Telegram, X and LinkedIn, appeared to be legitimate. But once installed, the malware embedded in them was designed to harvest login details and the information needed to access victims' crypto holdings, according to the authorities. Bots, investigators allege, were used to seek out people known to hold significant amounts of cryptocurrency and to encourage them to download the software.

It is a pattern security researchers have warned about: the disguising of malware as ordinary software, including games, to slip past users' defences. Cryptocurrency is a particularly attractive target because transactions are hard to reverse and, once funds are moved, difficult to recover.

## A trail of gift cards

The most striking element of the case is how investigators say they identified a suspect. According to court filings, agents followed stolen bitcoin as it was converted, through an online service, into a large number of gift cards. Many of those cards, they found, were spent on the food-delivery service Uber Eats.

A subpoena to Uber then linked the deliveries to specific addresses, including ones connected to the suspect, allowing investigators to tie an online identity to a real person. It is a reminder that even in a world of pseudonymous cryptocurrency and encrypted chat, the ordinary business of everyday spending can leave a trail that leads back to a name.

## The stakes

If convicted, Wilkins faces a substantial prison sentence, with the most serious charge carrying a maximum of around a decade. The case is reported to be among the first arising from an FBI investigation into a wave of malware-laden games that targeted the cryptocurrency community.

For the wider public, the episode carries a familiar but important lesson. Downloading software, even something as innocuous-seeming as a game, from an untrusted source, or on the strength of an unsolicited message, can carry real risks, particularly for anyone holding valuable digital assets. Security specialists routinely advise caution: sticking to trusted sources, being wary of unsolicited approaches, and keeping significant cryptocurrency holdings in more secure forms of storage.

The allegations, if proven, would show how a scheme run largely through gaming and messaging platforms could reach victims around the world and net a substantial sum. They also show that such schemes are not beyond the reach of the law: in this instance, it was a string of takeaway orders, of all things, that investigators say helped bring the alleged operation to light.
