Originally posted by ClassicGamerNL:

Steam Deck Hacked Twice: Is Firmware Compromised?

I’m reaching out because we’re dealing with a very alarming and frustrating situation. My son’s Steam Deck has been hacked twice now, and it feels like there’s no way to secure it properly. Here’s what happened:

The first hack occurred a few months ago. Bots automatically farmed his trading cards, sold them for 1 cent each, and then flipped them in rapid transactions. Within just 2 minutes, over 40 transactions were completed, and everything was gone. We took the Steam Deck away after that and didn’t use it for months.

Recently, I completely wiped and reinstalled the Steam Deck using a USB drive, thinking it would solve the issue. This week, we gave it back to my son, and now, just a few days later, the same thing has happened again.

He insists that the only thing he did was download Steam Workshop items. Could this somehow be the cause? The device is now removed from all accounts, 2FA has been reset, and passwords have been changed, but the trust is completely gone.

We’re starting to wonder if the Steam Deck firmware itself could be compromised. Is it possible for a hack to survive even after a full reinstall? Is there any way to flash or reset the firmware to ensure it’s clean?

At this point, we’re so concerned we’re considering just breaking it in half and throwing it away. Has anyone experienced something like this? Is there a way to confirm if the firmware is secure?

Your son gave away his account info to a phishing login site at some point. Nothing to do with the Steam Deck itself.

Secure his account. All the steps, in order...

Deauthorize all devices https://store.steampowered.com/twofactor/manage

Change your password on a secure device.

Generate new back up codes. https://store.steampowered.com/twofactor/manage

Revoke the api key (this should be empty) https://steamcommunity.com/dev/apikey

Stuff like this isn't device based, it is account based. Be careful when using your Steam login for third party APIs on some other website, for example.

The only other thing I can say is get hold of Steam support and get a ticket.
Do all the security checks and change passwords, get Steam App on to your phone and setup the Authentication Feature or at least two-step verification.

Good luck.

Also read the Steam Item Restoration Policy.

Sorry, but what you are describing, we have seen time and time again.

No security will protect you from your own bad choices.

1. Only the owner should ever know the account name.
2. Only the owner should know the password and Valve does not store it, only a hash of it for comparison.
3. Only the owner should have access to the SteamGuard code which changes about every 30 seconds...

Without any single one of these, the confidence scam can not work.... so, just how do you think the account was compromised again? And if you saw it coming, you wouldn't fall for it...

What did steam support say about this when you contacted them?

If we get paranoid enough, NEVER connect the Deck to an untrusted wifi network, your son (being a bit exaggerated) could have had his account details cloned via packet sniffing

>sonny, did you tell your account password to someone who promised to put free items and such on your account?
>no daddy, they must of hacked my steam deck!
Lol, sorry but your kid is lying because he thinks hes in trouble. We see this happen a lot. Account security problems are nothing to do with the the steam deck.
This is the 2025 equivalent of installing limewire and getting 100 viruses on the family computer and then denying you touched it, like we did back in my day.

Originally posted by ClassicGamerNL:

He denied this. He says it’s impossible and claims he hasn’t logged in anywhere that could compromise his credentials.

He's either lying or ignorant as to how he actually managed to fall for it. These scams work because the victim doesn't know they're being scammed until it's too late, and we've seen lots of people fall for these who remain in denial that they had anything to do with it.

Originally posted by ClassicGamerNL:

It might be a coincidence, but I find it incredibly hard to believe. I don’t understand how hackers are bypassing Steam Guard and 2FA so easily, especially since all security measures are enabled (unique passwords, 2FA, guards). The speed and precision of these hacks are mind-blowing there were dozens of transactions in under two minutes.

The scammers use bots, and they fool the victim into giving them everything they need. Even the best lock is useless if you give the burglar the keys to the castle.

Originally posted by ClassicGamerNL:

I can’t imagine anything else causing this except the Steam Deck itself. Could there be a vulnerability or exploit tied to it? We are at a loss and seriously concerned about the security of the device and account.

Both you and your son need to read up on how these scams work so you both know what to look out for and how to avoid them in the future. The weakest link in this chain is always the end user, and it's way easier to target some kid's gullibility with promises of free stuff or fear of losing their account than it is to actually break Steam's security.

Have you even contacted steam support about this? If you really think it's a security flaw in firmware or workshop or whatever else you suggested, you absolutely should tell steam support about it instead of just the community. I'll assume you're trolling if you won't do it.

ClassicGamerNL, I work in IT Security. I can tell you that what the folks have been providing is the most likely cause. I don't know how old your son is, and I'm not asking, but it's 90% of the time something the user is doing which is what compromises an account. If it were the device, by now that would be all over the news sites.

Originally posted by ClassicGamerNL:

The first time he was hacked, it was due to a malicious APK for a game that he got from a friend.

Two primary methods these things happen. Phishing is probably the most common, but the second most common is malware, and the end-user usually needs to be fooled into installing that malware themselves.

Originally posted by ClassicGamerNL:

It’s also disappointing how much victim-blaming there is online.

Those who refuse to learn from their mistakes are doomed to repeat them.

Denial is a hell of a drug.

The reality is that your son is clicking on links he shouldn't be. You should check his privacy settings for receiving messages from non-friends and maybe clear/go through his friends list.

He is either getting messages from people saying they got him a free Steam gift card as long as they go to the link they sent him, or he's googling how to get free gift cards and is finding the bad sites which Google loves to push.

These links take you to a site that look identical to Steam, but are fake and exist only to get your account details. You can usually notice by the URL not being a proper steam URL. Let your son know about these fake sites and that there is pretty much zero reason a stranger online would give him a free gift card.

The fact it has happened to his phone and that it affected so many accounts should be enough to know this isn't far fetched.

Also, the accounts posting here aren't new or level 0. Just like yourself, they appear as level 0 because they have their account set to private. I assume you'll be making your profile public now.

I REALLY wanted to post a screenshot of OP showing as a level 0 to everyone else.

Granted, I'm sure there's another delusional explanation for it.

Originally posted by Ozwald:

I REALLY wanted to post a screenshot of OP showing as a level 0 to everyone else.

Granted, I'm sure there's another delusional explanation for it.

All friends only (to non-friends) and private accounts show as level 0 as the privacy setting hides their level as well.

It has nothing to do with this discussion though.