STEAM Account Hacks

carlos · October 21, 2023, 5:20pm

So recently - like a few days ago - my STEAM account got hacked. I believe I know how and have since secured it.

Apparently a friend of mine had their account hacked and had sent out a link saying they got some gift card from STEAM. Using my mobile I wasn’t able to fully view the details in the URL, but because it’s someone I know personally and trusted I opened the link. Came to a STEAM page that required sign in - a bit odd but it did have the authenticator (STEAM Guard) code stuff and all that so I went along. This was done while I was at work - I should have been more diligent.

Got locked out of my account and LITERALLY JUST GOT BACK ACCESS. Reinstalled stuff on my PC and realized my STEAM password didn’t work. Went through and realized it may have been some Russians. Please be careful with links you get - they’re using all kinds of methods to get into your stuff now.

The problem here? I’ve lost ALL of my contacts. Going take time to get back everyone - so if you had me in your list before - please add me back.

Again - be careful.

EDIT
Found this thread in their community.

Which takes you to this.

You need to log in to see the recent history. As I said - some people from Russia.

So around the 17th they used the link sent out from the compromised account of my friend. Then I logged in thereafter and then they got back and changed my stuff. I’ve raised a ticket with STEAM and will hopefully block them.

Once more. Be careful.

EDIT #2
I have to give props to the phishing method though. It involved the use of the STEAM Guard code and then cutting off the user once they got logged in. It’s elaborate and well done.

What I need to find out - which I’ve already asked STEAM support - is what data was accessed and such.

Accessing from desktop would have shown some more info. I checked my browser history on my phone - all of the links from “https://steamcommumutiy.com/” - which has two letters out of place. Well - wrong spelling overall. So it was missed because I was driving.

The site is no longer up - seems to have been taken down. Either by reports made or because they’ve gotten into enough accounts.

There may be others like that in future - so please be careful.

EDIT #3
Items in my inventory were transferred out to other accounts. I found the accounts that my items were sent to - and I raised the concern with STEAM. They pointed me to these.

Apparently there’s no recourse for items sent from your account because account security is the responsibility of the end user.

They also said “In addition, we are unable to recover any friends or Community groups that have been lost or deleted.”

I have quite a lot of items lost now. I’ll be making a note of it and seeing how things go.

carlos · October 23, 2023, 2:50pm

Double posting because I’d like to separate the info, there’s a lot in the first post and I may get more as things develop.

Heard from my friend that I had gotten the message from first. Apparently his account was compromised on the 15th. He got no message. Clicked no links. Did not get any authenticator code request. Nothing. He said other friends contacted him to say they were getting messages from him about coupons and stuff spammed back to back, which is unlike him. I had only gotten one message.

He went in and changed his credentials and stuff and his account should be fine now, but that’s concerning. It would suggest that STEAM’s database had some leak.

In his case, they didn’t change his password. They used his account to send out the phishing links as spam to everyone in his account. He lost no items either, which is good.

I forgot to mention that I can’t get back my items because they won’t remove it from another account and the only way to give it back would be to duplicate the items, which would cheapen the value on the market. Epic stuff.

Will update as things progress.