Counter-Strike 2’s thriving community, which recently hit a record 1.7 million concurrent players, has become the target of an elaborate cybercrime campaign. Scammers are exploiting major tournaments like IEM Katowice 2025 and PGL Cluj-Napoca 2025 to conduct fraudulent activities.

Bitdefender Labs has identified a “Streamjacking” operation where criminals impersonate prominent CS2 players such as s1mple, NiKo, and donk on YouTube. The scammers hijack legitimate YouTube accounts and stream looped gameplay footage, making it appear live while promoting fake cryptocurrency and CS2 skin giveaways.

The fraud scheme works by directing viewers to malicious websites through QR codes or links, where they’re prompted to log in with their Steam credentials or send cryptocurrency with promises of doubled returns. Once accessed, the scammers can steal valuable in-game items or transfer cryptocurrency to their controlled wallets.

Security Recommendations:
– Enable Multi-Factor Authentication (MFA) on Steam accounts
– Activate Steam Guard Mobile Authenticator
– Monitor account login activity
– Only watch content from verified player accounts
– Verify affiliations with official esports organizations
– Avoid cryptocurrency “doubling” offers

The scammers often leverage legitimate platform names like CS.MONEY and esports sponsorships to appear credible. Users should remain vigilant, as even legitimate YouTube channels can be compromised to promote these scams.