Two hackers compete in the cybersecurity section of Iran’s 2025 Tech Olympics in Tehran, Iran, on October 28, 2025. At Iran’s 2025 Technology Olympics, held at Pardis Technology Park, hackers from eight countries, including Pakistan, Tunisia, China, and Russia, participate in the cybersecurity section. (Photo by Morteza Nikoubazl/NurPhoto via Getty Images)
The FBI has arrested a Florida man accused of helping operate a cryptocurrency theft scheme that allegedly spread malware through video games on Steam. According to federal investigators, the operation infected around 8,000 devices and stole more than $220,000 from cryptocurrency wallets between May 2024 and February 2026.
The suspect, 21-year-old Zyaire Dontaevious Zamarion Wilkins of North Lauderdale, Florida, was arrested on Tuesday and charged with conspiracy to obtain information by computer for private financial gain. His arrest marks the first publicly reported development in the FBI’s investigation into malware-infected Steam games.
FBI alleges Steam malware campaign infected thousands of users
A 15-page federal criminal complaint alleges that Wilkins helped finance and market malware embedded in eight video games distributed through a popular digital distribution platform. Even though the complaint doesn’t mention Steam directly, the names of these games, which include BlockBlasters, Dashverse, Lunara, and PirateFi, have been named by the FBI during an earlier alert regarding malware-infected games on Steam.
The infection was estimated to affect almost 8,000 computers, but around 80 cryptocurrency wallets were drained, indicating that the targeted users believed to own cryptocurrency rather than hacking every computer.
Investigators traced stolen cryptocurrency through gift card purchases
FBI says that the group spread these harmful games on platforms such as Discord, Telegram, X, and LinkedIn. Also, they used automatic software tools to find crypto holders with large amounts of money and send them direct messages that would persuade them to install these infected games.
Instead of cashing out directly, the defendants changed the obtained Bitcoins for more than 150 gift cards via the website Bitrefill. Many of these gift cards were used to make purchases via the Uber Eats platform.
The complaint says that the subpoena issued by the federal government to Uber showed that these gift cards were used for deliveries to the residence of Wilkins’ family in North Lauderdale and even some locations associated with his studies at the University of West Florida.
Complaint links Wilkins to malware operation
According to the complaint, Wilkins was operating online using the pseudonym “Sibel.eth.” From the Signal chat, evidence found indicated that Wilkins purchased a remote access trojan for $10,000 and talked about persuading the victim to authorize cryptocurrency transactions that depleted their wallet.
The authorities have claimed that Wilkins was financing and marketing the malware but not developing it. According to sources, the developer of the alleged malware had their residence raided by the investigators, although they were not revealed publicly or charged.
During the search of Wilkins’ house, several electronic gadgets as well as three seed phrases for cryptocurrency wallets were seized. The complaint stated that one of the wallets belonged to Monero while the transaction history showed around $382,000 in cryptocurrency transactions.
Wilkins faces up to 10 years in prison
Wilkins was charged with a federal crime of conspiracy to access information using computers with intent to make personal financial gains. He faces up to 10 years jail term if found guilty. The criminal proceedings against him have been filed in a federal court in Seattle, Washington. There has been no further reports regarding any more arrests by the FBI, showing that the larger investigation about individuals allegedly involved in the malware campaign is still on-going.
