DO NOT TRADE

You have been hijacked. There's a bot in your account, that will forward all valuable trades to an impersonator account.

Deauthorise all other devices
Revoke your API key
Order new backup codes


To explain a bit further: This is a well-known scheme, that has been going on for about a year. You entered your Steam login into an untrustworthy site or a phishing site mimicking a legitimate one. The profile edit is to make you set up a huge, one-sided trade. The thieves only get one real shot per person, and they want to make the most of it.
If you set up a trade, while your account is still compromised, it will be canceled, while there is a different set up to an account, that takes the name and avatar of your intended trade partner. This will then show up on your authenticator (or in theory email; never heard of mail cases), and you will confirm it. And then your stuff is gone.

In the future do not do Steam logins directly on any homepages, not even when they appear to be Steam profiles or trades. Instead bookmark the main page of Steam an log in there. Legitimate sites will carry over the login and not ask for your name and password again.

Well, im VAC banned so I cant trade my valuable CSGO items anyway. Do they have complete control over my acc? They havent disabled mobile authenticator or changed my email so I assume they only did it for the skins. Any idea on how to remove the bot or do i just ignore it?

https://store.steampowered.com/twofactor/manage

Go there and deauthorize all other devices.

You can also check for suspicious logins here:

https://help.steampowered.com/en/accountdata/SteamLoginHistory

Thx Tanja, also I checked for suspicious logins... Is it common for logins to from alot of other places at alot of times?! I know for sure it wasn’t me because I have never been to Edmonton or Squamish wherever those places are. I removed the authenticator does that deauthorize other devices or how do I deauthorize other devices? Thx

The option to deauthorise all other devices is at the bottom of the first link brought in there.

To revoke your API key use this link:
https://steamcommunity.com/dev/apikey

Logins can happen from different places, depending on where your internet provider decides to lead your connection, but they should be in a reasonably close radius from you. Everything further away than 100-150 kilometers should raise suspicions. International connections especially.

Thanks for the help guys, rlly appreciate it. If anything odd happens I’ll be sure to mention it but let’s just cross our fingers and hope nothing does happen for now.

Thx alot
-Nick

I just faced this same issue they changed my pic to banned and said i have to trade all my skins to a different account or a friend in 12 hours or my account will be limited, did what Jerry and Aragami said, thanks guys.

if i revoke API's, change password, change recovery codes, deauthorise all other devices, is my account safe to trade again or is it screwed forever?

wow cool looking

My account hijacked like this.. but I was horrified and I traded all

I know im dumb

Originally posted by Max Anderson:

My account hijacked like this.. but I was horrified and I traded all

I know im dumb

What you are saying here :

https://steamcommunity.com/groups/tradingcards/discussions/2/3132793555962790039/#c3132793555962930323

Is explained, as well as many other things, here :

https://support.steampowered.com/kb_article.php?ref=3415-WAFH-6433

Originally posted by Nickmjs:

So I was recently VAC banned (This isnt about that tho) and about two days later my account name was it changed to “WARNING FOR VAC BAN,” and my accounts profile pic was changed as well as the Bio which said stuff like “DONT TRUST THIS GUY & TRADE ALL YOUR ITEMS AWAY,” and weird stuff like that. I just now chnaged my password and I hope it doesn’t happen again. Has this happened to anyone else and any tips on what to do about it?


P.S
I assume this is a hacker because I wouldn’t expect Steam to do something like that, as well as there were many mistakes in the my bio and Steam would most likely not have spelling mistakes so I assume my account got hacked

Hey yall the same ♥♥♥♥ just happened to me I deactivated, made no trades, changed my email password, unlinked my card, deactivated all user logins, changed my steam password, and I even went as far as went on my browser to remove all my cookies and malwarebyte swept everything. I think some guys got my login from me going on a csgo website and they did the usual and blocked my friends and all that and I managed to get around it stated previously. I checked the logins 2 were from Moscow and 1 from the Virgin Islands and they were on there pretty long it said they logged in at 1pm and I didnt get a message from them until 7pm. From what i've heard previously is that these people can get in because in some parts of Russia they dont need mobile authenticator and they cant do anything other than change your pfp and name and maybe something to do with trades thankfully everything of value I had was on trade hold. And Finally im wondering if they have access to my card since it was linked and is there anything else I can do? THX

This happened to me and got a ban 😵

Originally posted by Kimarnic:

This happened to me and got a ban 😵

You are not banned. Secure your account!

Did you even read the thread you have "necroed"?

Originally posted by Kimarnic:

This happened to me and got a ban 😵

There no ban, read the discussion you necro...

Here if have trouble reading follow these 5 steps, don't skip any.
1. Scan for malware https://www.malwarebytes.com/

2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage

3. Change passwords from a clean computer.

4. Generate new backup codes.
https://store.steampowered.com/twofactor/manage

5. Revoke all API keys, there should be none.
https://steamcommunity.com/dev/apikey


Avoid typing your login info via 3rd party sites, also don't share login info, or any private info with anyone that claim to be admin, or whatever.