An unusual form of malware is currently spreading through the chat feature on Twitch. Dubbed “Eskimo” by the software security company F-Secure, the bug takes control of an account, logs into the gaming platform Steam, then cleans out the victim’s wallet and sells any valuable items bought or acquired through the service.

According to F-Secure, the virus is spread through a fairly typical phishing scheme. A Twitch-bot account bombards channels and invites viewers to participate in a weekly raffle for a chance to win game-related prizes. The link provided by the Twitch-bot leads to a Java program which asks for the participant’s name, e-mail address and permission to publish the winner’s name. Once a target provides that information, the malware downloads and executes a Windows binary file.

“This malware, which we call Eskimo, is able to wipe your Steam wallet, armory, and inventory dry. It even dumps your items for a discount in the Steam Community Market,” said F-Secure.

Interestingly, all this is done from the victim’s own computer, thereby bypassing the security checks Steam has in place for logging in from a new machine. The Verge is reporting that the more valuable stolen items are being traded to an account called “Youni.” Because of Steam’s security procedures, this “Youni” account should be linked to a specific computer, which should make it possible to track down whoever is behind the attack.

In the meantime though, Twitch users should be wary of strange links.