All Discussions > Steam Forums > Help and Tips > Topic Details
This topic has been locked
Help577692 Feb 28, 2017 @ 12:36am
My account was somehow hacked even with mobile authenticator.
So as the title says, my account was somehow hacked. Email changed, and my account was removed from my phone number as well. I was even using steam guard with mobile authenticator. I thought I was safe. Crazy thing is, I was also hacked last October, but I wasn't using the mobile authenticator then and they hacked my email first. I have no idea how it happened, but it did. The "recent activity" tab in my email shows no suspicious activity like it did last time (activity from various countries, all steam related emails were deleted), to be safe I changed the emails password on a different computer. I am under the assumption my main computer is compromised so I am using a different system to resolve this. My main system will get reformatted.

That said, what do I do? Last October I made a steam support ticket and got it resolved in the same day. Now steam support tickets aren't even a thing for some reason. What I have done so far is just take the approach of saying I didn't have my email or password, from there I was able to send steam support a message where I described my situation. I am ready to give them proof of ownership upon their request, so I'm just waiting for the reply. Is this the right approach? All of my research just talks about making a ticket and getting it resolved, there is really no information on what to do about it now that tickets are no longer a thing.

Last bit of really strange information, when trying to find my old steam support account (the second account you would make a support ticket with) I just discovered that there was an inactive steam account created under my previous email I was using for my steam account before it was hacked the first time. I thought I made a mistake and had my steam account on that email and the hacker changed the account name, I changed this suspicious accounts password during a password recovery, but it wasn't my account, it's just a random inactive account with nothing on it. I assume the original hacker created it for some reason in October during the first attack, it doesn't have a real name, just random letters. The first time this hacker (if it is the same person) changed some information on my account profile information, it was in an eastern european language. Again, the newer email address I was using this time does not appear to be compromised in any way, so I'm stumped. No strange activity, all my steam related emails since my account was switched to that email are still there.

I've been a member of steam since early 2004, I really hope to get my account back. And I really wish steam didn't give hackers an incentive for this wide scale hacking in the first place, from my understanding most do it to steal trading items which can be sold for real money. I had none of that stuff. Credit card information was also not set to be remembered for future purchases. I just want to play singleplayer games from time to time in peace. I don't want to be a statistic and lose hundreds of dollars worth of games. Unless this hacker plans on keeping my account to play games from, he's gaining nothing from it.
< >
Showing 1-15 of 33 comments
lumyer Feb 28, 2017 @ 12:43am 
Bro make sure u have good passwords or u are ♥♥♥♥♥♥
#1
Help577692 Feb 28, 2017 @ 12:48am 
Originally posted by reddi:
Bro make sure u have good passwords or u are ♥♥♥♥♥♥

I did have a good password. But I doubt the hacker figured my password out, it was bypassed somehow during a password recovery. Him simply figuring my password out would not explain how he managed to bypass the mobile authenticator. Even if my computer had a key logger on it it and he knew all my information including that password it wouldn't explain how the mobile authenticator was bypassed. I am totally stumped, but apparently steam guard with the mobile authenticator is not bullet proof. I would love to know how it was done, I was hoping someone more knowledgeable could explain.
#2
shiel Feb 28, 2017 @ 12:57am 
Were you using mobile authenticator with an actual phone or emulating it on your pc?
#3
Help577692 Feb 28, 2017 @ 1:04am 
Originally posted by shiel:
Were you using mobile authenticator with an actual phone or emulating it on your pc?

I was using my phone.
#4
shiel Feb 28, 2017 @ 1:06am 
Originally posted by Help577692:
Originally posted by shiel:
Were you using mobile authenticator with an actual phone or emulating it on your pc?

I was using my phone.
Well unless you emailed yourself your recovery code or were keeping it on your pc somewhere then that really shouldn't be possible.... Unless it was someone you know.
Last edited by shiel; Feb 28, 2017 @ 1:06am
#5
Help577692 Feb 28, 2017 @ 1:10am 
Originally posted by shiel:
Originally posted by Help577692:

I was using my phone.
Well unless you emailed yourself your recovery code or were keeping it on your pc somewhere then that really shouldn't be possible.... Unless it was someone you know.

What recovery code? The one you get when you enable the authenticator? I have that code, I was hoping there was a way to use it to recover my account, but as far as I can tell there isn't.
#6
Help577692 Feb 28, 2017 @ 1:25am 
Okay, if that recovery code could have been used to steal my account and if there was spyware on my computer, yea it could have been done. I kept that code in a file on the computer. But my authenticator is on, I have three accounts using it, my main stolen account, this account, and that strange random account. You can hit those blue arrows and look at the steam authenticator codes for all of them. Wouldn't that code just be used to deactivate it? And if he did that, there is no way I would have been able to turn it back on, and it is on right now. But it doesn't help me recover my account.
#7
shiel Feb 28, 2017 @ 1:52am 
You should have the email from when they changed it. Should have an option to lock your account. If you do then do that and contact support. You just gotta go through the wizard firstto get to where you submit a ticket.
#8
Help577692 Feb 28, 2017 @ 3:11am 
Originally posted by shiel:
You should have the email from when they changed it. Should have an option to lock your account. If you do then do that and contact support. You just gotta go through the wizard firstto get to where you submit a ticket.

Sorry for the delayed reply. Have been changing a lot of passwords, putting them on paper this time.
As for what you say, no there is no email telling me there was a change. Only thing I can think is there is some unknown crazy way to bypass it, or I accidentally turned it off, or it turned itself off. It says it is on now, but maybe it wasn't until I turned it on these other accounts? It is hard to believe it was bypassed, but I swear I think it was.
That said, while I was busy changing passwords, about an hour ago they already got with me asking for at least one form of proof of ownership. I went the credit card route and am waiting for a reply. Fingers crossed. And my main computer will be prepped for a reformat very soon. Will type nothing vital on it, no passwords or anything.
#9
Sam Feb 28, 2017 @ 4:47am 
Just remember not to add anyone you don't know or click any links next time
#10
lilcoffeebean Feb 28, 2017 @ 5:28am 
https://help.steampowered.com/en/wizard/HelpWithAccountStolen

There is a 'change my password' option at the bottom and it will take you step by step through questions and options in an attempt to recover your account.

If you can't verify via phone, email, or with the current password, that is when it takes you to a form to fill out for support, i.e. paypal information, invoice ID's, address, cd key etc.

Since you've already been in contact with them you likely don't need this now, but for anyone else that may stumble upon this post and not know what to do within the new system.


On a side note, protect your recovery code like you would a credit card and don't store it on a computer. With that and your password, your email can be completely bypassed. Although you should have still got emails about a password change, so that is indeed very odd.
Last edited by lilcoffeebean; Feb 28, 2017 @ 5:30am
#11
Muppet among Puppets Feb 28, 2017 @ 7:47am 
Originally posted by Help577692:
As for what you say, no there is no email telling me there was a change. Only thing I can think is there is some unknown crazy way to bypass it
If theres no email, it was accessed as well.
If you kept restore code for auth on your computer,
the crazy bypass
is your computer being remote accessed.

Consider all input being leaked over time.

Its hard to interprete the facts in a different way.
#12
Help577692 Feb 28, 2017 @ 8:46am 
Well they haven't responded yet. My girlfriends steam is still friends with the hacked account, he changed its name to something eastern european like last time. I updated the steam support conversation with that information, what more proof do they need? Waiting on a reply.

If he was in my email it should have come up in the activity log. There is nothing there. Its password has been changed anyway on a different computer.
#13
Muppet among Puppets Feb 28, 2017 @ 8:54am 
Originally posted by Help577692:
If he was in my email it should have come up in the activity log. There is nothing there.
It would appear as your computer.
One email is missing obviously
#14
Help577692 Feb 28, 2017 @ 9:09am 
Originally posted by Muppet among Puppets:
Originally posted by Help577692:
If he was in my email it should have come up in the activity log. There is nothing there.
It would appear as your computer.
One email is missing obviously

I know what you're saying. But in October my previous email was hacked, under account information you can view an activity log that shows when and where all logina came from. The stuff in this log cannot be deleted. My previous email showed many different countries in that log. This log only shows the small town I live in.
#15
< >
Showing 1-15 of 33 comments
Per page: 1530 50

All Discussions > Steam Forums > Help and Tips > Topic Details
Date Posted: Feb 28, 2017 @ 12:36am
Posts: 33
Start a New Discussion

Discussions Rules and Guidelines