Steam new hack watch out
!!Alert steam support!!
Urgent: Hackers can now bypass 2FA on mobile. My cousin had his account hacked with no notification, and they drained his wallet. The process involves downloading malware from ads or cracked games, which lets hackers bypass 2FA, even when your phone is a separate device. They don’t need to log into Steam—they can make purchases and trades without the authenticator. #PlsFixValve

How can a Trojan bypass Steam’s 2FA, even though it's set up on a mobile device and not the PC? Even if my account is hacked, they shouldn’t be able to make trades or buy/sell items without the authenticator. It doesn’t make sense for a Trojan to bypass security tied to the mobile device.

Accidentally installed a Trojan from a deceptive website download link.

No backup or recovery codes in the email or on the computer.

Mobile authenticator was only on the phone, not on an emulator.

No notifications on the mobile authenticator, only the IP address of the person who logged in.

Computer was off after using it so it can't be they ratted him and then played out


He did not type his password or authentication code anywhere other than Steam
Last edited by ᴀ⠀z⠀u⠀l⠀a; Apr 9 @ 12:55am

Originally posted by Realigo Actual:
If the phone is on the same LAN then the PC becomes a vehicle to attack the phone. It's getting pretty sophisticated by that point but these guys don't have to write everything themselves they also deploy ♥♥♥♥ written by others. So if your talent is firmware say but you need something for network or a specific software platform, you can get that and then pair it with your stuff.

It's either trusted device + exploiting convenience limits on triggering verification or the PC is used to attack the authenticator. Or the trojan scooped his credentials and then they removed the authenticator. Perhaps they can now MITM a good authenticator with a bad client.
pckirk Apr 8 @ 11:37pm 
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
!!Alert steam support!!
Urgent: Hackers can now bypass 2FA on mobile. My cousin had his account hacked with no notification, and they drained his wallet. The process involves downloading malware from ads or cracked games, which lets hackers bypass 2FA, even when your phone is a separate device. They don’t need to log into Steam—they can make purchases and trades without the authenticator. #PlsFixValve

How can a Trojan bypass Steam’s 2FA, even though it's set up on a mobile device and not the PC? Even if my account is hacked, they shouldn’t be able to make trades or buy/sell items without the authenticator. It doesn’t make sense for a Trojan to bypass security tied to the mobile device.

Accidentally installed a Trojan from a deceptive website download link.

No backup or recovery codes in the email or on the computer.

Mobile authenticator was only on the phone, not on an emulator.

No notifications on the mobile authenticator, only the IP address of the person who logged in.

Computer was off after using it so it can't be they ratted him and then played out


He did not type his password or authentication code anywhere but his own PC


First, there is NO STEAM / Valve staff or employees, techs, support team, or moderators in this steam sub-forum. The 2 steam related sub-forums, are USERS only sub-forums.

Second, your cousin gave his info away including the Steam 2FA session token from their computer. There is no other way to get this info.

-------------------------------------------------- Recovery Info -----------------------------------------------

Accounts are phished not hacked.

You gave away all your account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or item sell sites, fake steam log-in websites, or by tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access to your account.

Your account was phished / hijacked. Follow steps 1-7 to secure your account:

1. Scan for malware https://www.malwarebytes.com/

2. Check that the email and phone number on the Steam account are still yours.

3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

4. Change passwords from a trusted/clean device.

5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

7. Make sure your steam recovery email account is secure

Steam will NOT return lost funds or Items.
Last edited by pckirk; Apr 8 @ 11:38pm
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
The process involves downloading malware from ads or cracked games
Things you don't need to worry about when legitimately purchasing on steam.

Though most likely, what they did was go to a 3rd party site and gave it their login, compromising their account willingly, that's phishing.

Originally posted by ᴀ⠀z⠀u⠀l⠀a:
#PlsFixValve
Fix people and a lot of phishing goes away.
Swim little phishy, swim if you can.

When you log into a 3rd party site which asks you to put your Steam credentials in, you are asking to get robbed. It is that simple.

Nobody is going around hacking users. They are being gullible on 3rd party sites.
It's called a session token hijack
"The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token"

Don't be stupid online aka keep off skin trading sites etc. you will not hit
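The session-token point raised above, as an added example that is not part of any post in this thread: a generic model (an assumption, not Steam's actual implementation) in which 2FA gates only the login step, so a copied session token is accepted from any client until the account owner deauthorizes all devices. `ToyAuthServer`, the account name, password and action string are hypothetical and constructed for the demo.

```python
import hashlib, hmac, secrets, struct

def totp(secret, now, step=30):
    """RFC 6238 TOTP (HMAC-SHA1, 6 digits)."""
    mac = hmac.new(secret, struct.pack(">Q", int(now // step)), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return f"{code % 1_000_000:06d}"

class ToyAuthServer:
    """Generic model of session-based auth (assumption; not Steam's implementation)."""
    def __init__(self):
        self.users = {}     # name -> (password, totp_secret)
        self.sessions = {}  # session token -> name

    def register(self, name, password):
        secret = secrets.token_bytes(20)  # held only by the phone authenticator
        self.users[name] = (password, secret)
        return secret

    def login(self, name, password, code, now):
        if name not in self.users:
            return None
        pw, secret = self.users[name]
        if not (hmac.compare_digest(pw, password) and hmac.compare_digest(totp(secret, now), code)):
            return None
        token = secrets.token_urlsafe(32)  # stored on the PC after a successful login
        self.sessions[token] = name
        return token

    def request(self, token, action):
        # Only the token is checked: it is a bearer credential, no 2FA prompt here.
        user = self.sessions.get(token)
        return f"{user}:{action}" if user else None

    def deauthorize_all(self, name):
        self.sessions = {t: u for t, u in self.sessions.items() if u != name}

def demo(now=1_700_000_000.0):
    srv = ToyAuthServer()
    secret = srv.register("victim", "pw-constructed")
    real = totp(secret, now)
    wrong = f"{(int(real) + 1) % 1_000_000:06d}"
    blocked = srv.login("victim", "pw-constructed", wrong, now)  # password without the phone fails
    token = srv.login("victim", "pw-constructed", real, now)     # legitimate login on the PC
    replayed = srv.request(token, "view-inventory")  # same token presented by a different client
    srv.deauthorize_all("victim")                    # the "deauthorize all other devices" step
    after = srv.request(token, "view-inventory")
    return blocked, replayed, after
```

In this model the replayed request succeeds without any authenticator prompt, and the same token returns nothing once all sessions are deauthorized.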
Originally posted by HereIsPlenty:
Swim little phishy, swim if you can.

Tell me where did I say he typed his login on a phishing site?
Guys please read the whole description he did not go into a phishing site to enter his details hellooo????
Dude, do a simple search of the forums. People constantly get phished. Nobody gets hacked.
pckirk Apr 8 @ 11:46pm 
He logged into a fake Steam website that wasn't Steam, there are several out there and new ones every day. Sorry, but what we are all telling you is the truth. We see this BS crap every day. Why do you think we all have a pre text of info, to help those recover and secure their Steam accounts.

all your cousin needs to do is work on the 7 steps above and secure his account asap.
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
Guys please read the whole description he did not go into a phishing site to enter his details hellooo????
Most likely they did.
Most insist illegitimate sites are "real" because it's for stuff like "trading" or "voting" for something, or forget that illegitimate obtained stuff may come with some serious malware.
rawWwRrr Apr 9 @ 12:12am 
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
Originally posted by HereIsPlenty:
Swim little phishy, swim if you can.

Tell me where did I say he typed his login on a phishing site?
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
Guys please read the whole description he did not go into a phishing site to enter his details hellooo????
A successful phishing site doesn't necessarily advertise itself as a phishing site.

Originally posted by ᴀ⠀z⠀u⠀l⠀a:
He did not type his password or authentication code anywhere but his own PC
Right. Most likely typed it into a phishing website while on his own PC.
miamew3 Apr 9 @ 12:13am 
These are some of the ways he could have given away his login information.

*Have you been asked to vote for a team/tournament/pixel art?
*Have you been asked to register for a tournament?
*Have you used any third-party site for gambling or trading? (doesn't have to have been recent, they can keep your info for years, waiting till you build up your inventory)
*Have you logged in on a public device?
*Have you entered any giveaways/giveaway groups?
*Have you tried to claim any "free 50$ gift cards"?
*Have you been invited to a playtest via a link in chat?
*Have you talked to an "admin" after being "accidentally reported"?
*Does someone else use your PC or your account?
Maria Apr 9 @ 12:14am 
Originally posted by ᴀ⠀z⠀u⠀l⠀a:
Guys please read the whole description he did not go into a phishing site to enter his details hellooo????
We read them all.

Aside from unknowingly using them, take note that some people would rather lie than admit their mistake because of shame or to escape guilt. Not saying that your friend is lying, but they can. :Veronica:
If you're that stupid, then you really need to look at what you're doing. Most of you people on these forums:
1. you don't know how to update your devices
2. you don't have adware/adblockers
3. let everything in without windows defender checking
God, I'm a torrenter and I am at more risk than you idiots.
GG people in the comments do not know the difference between trojan and phishing
Originally posted by rawWwRrr:

you cannot be this dumb bro seriously I said he installed a trojan (by getting deceived into) he did not type his info anywhere

Date Posted: Apr 8 @ 11:34pm
Posts: 30