Instalează Steam
conectare
|
limbă
简体中文 (chineză simplificată)
繁體中文 (chineză tradițională)
日本語 (japoneză)
한국어 (coreeană)
ไทย (thailandeză)
български (bulgară)
Čeština (cehă)
Dansk (daneză)
Deutsch (germană)
English (engleză)
Español - España (spaniolă - Spania)
Español - Latinoamérica (spaniolă - America Latină)
Ελληνικά (greacă)
Français (franceză)
Italiano (italiană)
Bahasa Indonesia (indoneziană)
Magyar (maghiară)
Nederlands (neerlandeză)
Norsk (norvegiană)
Polski (poloneză)
Português (portugheză - Portugalia)
Português - Brasil (portugheză - Brazilia)
Русский (rusă)
Suomi (finlandeză)
Svenska (suedeză)
Türkçe (turcă)
Tiếng Việt (vietnameză)
Українська (ucraineană)
Raportează o problemă de traducere
Autorul acestui subiect a marcat o postare ca răspuns la întrebarea sa.
Reguli și ghiduri pentru discuții
Raportează această postare
Scan for malware https://www.malwarebytes.com/
Deauthorize all other devices https://store.steampowered.com/twofactor/manage
Change passwords from a clean computer
Generate new backup codes https://store.steampowered.com/twofactor/manage
Revoke the API key https://steamcommunity.com/dev/apikey
Stop using shady third party trade sites or clicking suspicious links.
And maybe leave that group with the monkey logo.
Most likely you'll find an API key there, remove it. In addition...
https://store.steampowered.com/twofactor/manage
^ De-authorize all other devices, and also consider chaning your password.
SteamGuard didn't get hacked, some time ago you accessed a scam site and while thinking that you logged onto Steam you actually gave the attacker your full account details. Which they then immediately used to log into your account and plant that API key, thus giving them near to full control over your account.
(edit)
So, I just checked that website in your username.... it allows you to log onto their site using a Steam account and that is exactly the cause of your problems. Not every website is legit, and many will even swap out a legit logon option for a fake one, thus making it impossible to fully pinpoint where things went wrong.
Fact of the matter is... if you use your Steam account outside of Steam, then you're taking big risks.
If you are referring to a bloody.com I’m using the website for quite some time, I’ve also had trades with them and received everything I got there.
Im not getting the part where they authorised new device without 2FA confirmation. And did very little damage.
There is no API key there.
I’ve also deauthorised all the devices and changed my password.
But my question is if they had access to my account why wouldn’t they change password, email,… and completely locked me out of my acc, why would they sell worthless skins, and leave does which are worth something?
One way or the other... somewhere along the line your account got compromised. You might want to prioritize finding the real cause here because... this could easily escalate beyond Steam.
1. Scammer contact victim via DM/email, or victim watch scammer videos, or saw ad scam. Maybe gamble, or trading promotion by scammer in search results victim looking for something.
2. victim visit scam site with no idea it was a scam site.
3. Victim click login entering the login information, AND entering in code which is sent to scammer device they login, and have your login token, or victim scan QR code then click approved for login that on scammer device to getting access.
So now you figure out most common day to day problem, how do you solve it, simple tell victim stop smashing buttons, and use brain pay attention then stop logging into scam sites.
Yes the moment scammers get on your account, they run to spam your friends in their DM with links, with message to trick them to fall for it, or try to sell every time you have in your inventory, or trade it.
Now you wonder why isn't there a 2nd code for login, well when have you ever had to enter a 2nd code to login, answer is you never did, you put username, password, plus code that it, there no 2nd code, scammers got in because you handed the code for them to use hence login process.
Plus scammers aren't stupid enough to use every account that logs in. They need to appear legit enough so people call them "trusted", you know.
You need to read up on phishing. Then you'll understand how you accidentally confirmed their login device.
https://en.wikipedia.org/wiki/Phishing
https://en.wikipedia.org/wiki/Phishing
https://en.wikipedia.org/wiki/Phishing
https://en.wikipedia.org/wiki/Phishing
https://en.wikipedia.org/wiki/Phishing
PLEASE READ C A R E F U L L Y!!!
One more time for good measure:
https://en.wikipedia.org/wiki/Phishing
I’ve checked the email, and its not been compromised. Also it is really hard to get into google email, even i cant login from every computer because it doesn let me, i also have 2FA on my google email.
I don’t use internet cafe and also the are none in my country.
No contact via email as I really dont receive lot of emails.
There are no messages to my friends also I’ve never clicked on any when i got them from any other friend.
Every time u login into your Steam acc and have 2FA enabled u have to accept it on Steam Guard. Also if you want to change anything on steam (security stuff) u have confirm it with 2 security codes (steam guard/phone and email)
Sorry but I wouldn’t agree even if u would to give password to everyone in the world you need 2FA code which u get on Steam Guard or phone number and there wasn’t any code, any requests for login anything.
Really hard to believe I would confirm login if I knew i wasn’t logging in.
Adding more steps doesn't prevent, nor fixed the problem as long go out the way to logging into scam site. That why just don't login scam site that simple.
You gave the code away when you logged in on that scam site that you, for whatever reason, protect.
The best way to determine if Bloody Case is legit or not is to take a closer look at what this platform offers. Despite it not being licensed or registered, the ownership is transparent and we can see that the company behind the site is Aghanim Group with headquarters in Lithuania.
Moreover, since all of the games are played against the house, we should also address the fairness features. At the time of writing, a dedicated provably fair system is put in place. Keep in mind that this system can be inspected and verified as soon as the game is finished which proves that this platform is legit.
https://csdb.gg/bloodycase/review/#:~:text=The%20best%20way%20to%20determine,Group%20with%20headquarters%20in%20Lithuania.