If you have contact with your friend then tell him read here, and support will reply when it's his turn.
https://support.steampowered.com/kb_article.php?ref=2347-qdfn-4366

When your friend get his account back, he need to do these steps.
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

Also if your friend block Steam, filter out by the mailing service, made a rule to auto delete, or in the spam folder, then he need to check that, if not anywhere in there, nor blocked, or deleted, then chances the hijacker also have access to his email as well.

hi contact steam support they will ask for an evidence..Any used wallet code will work or there are several other option give them that your acc can be fine

Thanks for the replies.

My question is, how should my friend contact support? He doesn't have access to the email address of the account he is trying to recover. He doesn't even know what its new email address is. The same thing with the associated phone number.

Is it fine to use a different Steam account to recover another account? Or is there a different way altogether to get support in this difficult case?

Originally posted by teekivi:

Thanks for the replies.

My question is, how should my friend contact support? He doesn't have access to the email address of the account he is trying to recover. He doesn't even know what its new email address is. The same thing with the associated phone number.

Is it fine to use a different Steam account to recover another account? Or is there a different way altogether to get support in this difficult case?

If he doesn't have access to the email that originally used for the account, nor does he have any other email he has access to that isn't compromised, then means he need to get an new email so he can be contacted at, I suggest getting email service that support 2FA, like outlook, Gmail, or etc... Because you need an email to send you notification to.

No you don't need to make new Steam account. Please send him what I posted from the start, he needs to do this himself, as only the account owner can recover the account, as support will be asking proof of ownership, hence what I posted in the link above.

Hello brother, the same thing happened to me, my account was stolen yesterday, ALL the data was changed and now I am desperate: /

Originally posted by fran.blur1:

Hello brother, the same thing happened to me, my account was stolen yesterday, ALL the data was changed and now I am desperate: /

Follow the first post.

Good to know :D

Originally posted by teekivi:

Hello!

My friend discovered earlier today that his Steam account got hacked, and its email address and phone number were changed. The weird thing is that his mailbox doesn't contain a mail about the account's email address being changed.

So, is there anything my friend can do to get his account back? Steam Support seems to assume that the account's email address or phone number hasn't been changed. I've found a guide named How To Recover Your Account, but it assumes that the email address change notification mail is available.

How can one use Steam Support in this case? As far as I know, the support webpage requires logging into a Steam account. Should he use a new account for that?

I realize that the situation is pretty bad. My friend and I would be very thankful for any help.

When my account got hacked and the email changed the person who stole my account had made a new account under my email address assuming i wouldnt notice. I did notice when all my games were gone so i contacted steam support on that account to report my main account, thankfully steam realisead it had got hacked and they reset the password for me to log in and to add it back to my email address. After i logged in I added 2FA with my email and phone number and my made my passowrd more secure. When the hacker reset my email address the emails that steam send you to let you know someone has logged in was in my spam box for some reason (which i dont check often). But it doesnt matter thanks to steam support i got it back, but it did take about a hour or 2 for them to email me back. Also the hijakcers will add a bunch of their stupid hacker friends (in my case they had chinese names) so just unfriend and block them and on top of that my language was in chinese too. The reason this happened to me is because i had download a among us hack called tanjirosho mod menu and it stole all my passwords (the hijacker also logged into my ubisoft account aswell somehow).

Make sure the e-mail account is not controlled too.
Perhaps someone just deleted the mails you should not see.

Originally posted by chickeneatpoo:

When my account got hacked and the email changed the person who stole my account had made a new account under my email address assuming i wouldnt notice. I did notice when all my games were gone so i contacted steam support on that account to report my main account, thankfully steam realisead it had got hacked and they reset the password for me to log in and to add it back to my email address. After i logged in I added 2FA with my email and phone number and my made my passowrd more secure. When the hacker reset my email address the emails that steam send you to let you know someone has logged in was in my spam box for some reason (which i dont check often). But it doesnt matter thanks to steam support i got it back, but it did take about a hour or 2 for them to email me back. Also the hijakcers will add a bunch of their stupid hacker friends (in my case they had chinese names) so just unfriend and block them and on top of that my language was in chinese too. The reason this happened to me is because i had download a among us hack called tanjirosho mod menu and it stole all my passwords (the hijacker also logged into my ubisoft account aswell somehow).

I hope you changed password on email, thing is once they get access to email, they can use recovery for your account because has access to email.


Accounts > Email > User being weakest link, and always will be as all need is user to make the mistake such as not enable 2FA/MFA/U2F, or FIDO for account & email, or downloading virus on their device, or just falling for scammer scam in DMs. Only option be left for scammers is brute force which they might as well find a new job as be long time they ever figure it, and easily taken back from them by contacting support.

This thread was quite old before the recent posts, so we're locking it to prevent confusion.