Tutte le discussioni > Discussioni di Steam > Steam Discussions > Dettagli della discussione
ᴀ⠀z⠀u⠀l⠀a 8 apr, ore 16:34
Steam new hack watch out
!!Alert steam support!!
Urgent: Hackers can now bypass 2FA on mobile. My cousin had his account hacked with no notification, and they drained his wallet. The process involves downloading malware from ads or cracked games, which lets hackers bypass 2FA, even when your phone is a separate device. They don’t need to log into Steam—they can make purchases and trades without the authenticator. #PlsFixValve"

How can a Trojan bypass Steam’s 2FA, even though it's set up on a mobile device and not the PC? Even if my account is hacked, they shouldn’t be able to make trades or buy/sell items without the authenticator. It doesn’t make sense for a Trojan to bypass security tied to the mobile device.

Accidentally installed a Trojan from a deceptive website download link.

No backup or recovery codes in the email or on the computer.

Mobile authenticator was only on the phone, not on an emulator.

No notifications on the mobile authenticator, only the IP address of the person who logged in.

Computer was off after using it so it cant be they ratted him and then played out


He did not type his password or authcation code anywhere other then steam
Ultima modifica da ᴀ⠀z⠀u⠀l⠀a; 8 apr, ore 17:55
L'autore della discussione ha indicato un messaggio come risposta alla propria domanda.
Clicca qui per visualizzare il messaggio.
Messaggio originale di Realigo Actual:
If the phone is on the same lan then the pc becomes a vehicle to attack the phone. It's getting pretty sophisticated by that point but these guys don't have to write everything themselves they also deploy ♥♥♥♥ written by others. So if your talent is firmware say but you need something for network or a specific software platform, you can get that and then pair it with your stuff.

It's either trusted device + exploiting convenience limits on triggering verification or the PC is used to attack the authenticator. Or the trojan scooped his credentials and then they removed the authenticator. Perhaps they can now MITM a good authenticator with a bad client.
< >
Visualizzazione di 16-30 commenti su 30
HereIsPlenty 8 apr, ore 17:28 
Messaggio originale di ᴀ⠀z⠀u⠀l⠀a:
GG people in the comments do not know the difference between trogen and phishing
It is Trojan. As in Trojan Horse.

If it matters then on a prior computer I did have malware that inserted itself in my root directory then allowed someone to attempt to access Steam using a keylogger for my passwords.

Guess what? Even without 2fa, Steam alerted me and refused access.

Phishing on the other hand gives away everything.
#16
ᴀ⠀z⠀u⠀l⠀a 8 apr, ore 17:28 
Messaggio originale di Tarra Sama:
My point is valve really gonnah let a simple exe file bypass all of mobile authentication trades and money
#17
ᴀ⠀z⠀u⠀l⠀a 8 apr, ore 17:30 
Messaggio originale di HereIsPlenty:
Guess what bro my point isnt that he hacked steam my point it that he bypased all trades and market authentcation that you get when using mobile authentcator
#18
HereIsPlenty 8 apr, ore 17:31 
And that is precisely what happens when you are phished. A trojan cannot do that. Sorry, you are mistaken.
#19
ᴀ⠀z⠀u⠀l⠀a 8 apr, ore 17:33 
Messaggio originale di HereIsPlenty:
And that is precisely what happens when you are phished. A trojan cannot do that. Sorry, you are mistaken.

My brother when you are phished you don't bypass authenticator and sell all big items without acessing your mobile you just simply get access to the account
Ultima modifica da ᴀ⠀z⠀u⠀l⠀a; 8 apr, ore 17:34
#20
HereIsPlenty 8 apr, ore 17:35 
Azula, like I suggested before - search the forums and you would find out exactly how phishing does that. Its late and I cannot argue any more with someone who will not do a simple bit of research.
#21
Komarimaru 8 apr, ore 17:35 
The only way I know of Malware bypassing the authenticator, is be stealing your session ID token etc. And only if a browser one. But last I checked, Steam Guard will still trigger you to log in, if use said session token from a non probable source.

That leaves just one option left, you gave out your 2FA code.
#22
Ferox_Stormdragon 8 apr, ore 17:35 
when you download pirated games, software or anything else you run the risk of getting infected with malware, this has nothing to do with steam it 100% on the user.
#23
ᴀ⠀z⠀u⠀l⠀a 8 apr, ore 17:37 
Messaggio originale di Ferox_Stormdragon:
You ignored by point
#24
rawWwRrr 8 apr, ore 17:37 
Messaggio originale di ᴀ⠀z⠀u⠀l⠀a:
Messaggio originale di rawWwRrr:

you cannot be be this dumb bro seriously I said he installed a trogen ( by gettingdecieved into) he did not type his info anywhere
Right. Trojan. Which you correctly deduce shouldn't, on it's own, bypass the 2FA. So how do you think that might have been done after the trojan was installed? It wouldn't take much for the trojan to spoof what appeared to be a Steam login.

Listen, none of us was there. But we've been here long enough to know what does and doesn't work in this regard. You want to stand by the fact that it didn't happen. Great. It doesn't change the fact that something happened.

Do you want to help your cousin? Or do you want keep arguing with everyone?
Ultima modifica da rawWwRrr; 8 apr, ore 17:39
#25
rawWwRrr 8 apr, ore 17:39 
Messaggio originale di pckirk:
all your cousin needs to do is work on the 7 steps above and secure his account asap.
Your 7 steps is stuck in analysis. Probably why they continue to argue as they haven't seen it.
#26
Muppet among Puppets 8 apr, ore 17:47 
Messaggio originale di ᴀ⠀z⠀u⠀l⠀a:
!
He did not type his password or authcation code anywhere but his own pc
An infected pc is functionally not really your own pc
#27
Abigail From Sneaky Squid Dept. 8 apr, ore 18:10 
If you let people believe they were "hacked", they will continue to think they did nothing wrong and will be doomed to fall for it again.
#28
L'autore della discussione ha indicato che questo messaggio risponde alla discussione originale.
Realigo Actual 8 apr, ore 18:17 
If the phone is on the same lan then the pc becomes a vehicle to attack the phone. It's getting pretty sophisticated by that point but these guys don't have to write everything themselves they also deploy ♥♥♥♥ written by others. So if your talent is firmware say but you need something for network or a specific software platform, you can get that and then pair it with your stuff.

It's either trusted device + exploiting convenience limits on triggering verification or the PC is used to attack the authenticator. Or the trojan scooped his credentials and then they removed the authenticator. Perhaps they can now MITM a good authenticator with a bad client.
#29
pckirk 8 apr, ore 18:40 
Accounts are phished not hacked.

You gave away all your account details.

The account name, the password and the KEY to the door, the Steam Guard Mobile code giving them access to the account.

How? by either logging into a known scam site or item sell sites, fake steam log-in websites, or by tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

Your account was phished / hijacked. Follow steps 1- 7 to secure your account:

1. Scan for malware https://www.malwarebytes.com/

2. Check that the email and phone number on the Steam account are still yours.

3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

4. Change passwords from a trusted/clean device.

5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage

6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

7. Make sure your steam recovery email account is secure

Steam will NOT return lost funds or Items.
#30
< >
Visualizzazione di 16-30 commenti su 30
Per pagina: 1530 50

Tutte le discussioni > Discussioni di Steam > Steam Discussions > Dettagli della discussione
Data di pubblicazione: 8 apr, ore 16:34
Messaggi: 30
Inizia una nuova discussione

Regole e linee guida per le discussioni