Steam telepítése
belépés
|
nyelv
简体中文 (egyszerűsített kínai)
繁體中文 (hagyományos kínai)
日本語 (japán)
한국어 (koreai)
ไทย (thai)
Български (bolgár)
Čeština (cseh)
Dansk (dán)
Deutsch (német)
English (angol)
Español - España (spanyolországi spanyol)
Español - Latinoamérica (latin-amerikai spanyol)
Ελληνικά (görög)
Français (francia)
Italiano (olasz)
Bahasa Indonesia (indonéz)
Nederlands (holland)
Norsk (norvég)
Polski (lengyel)
Português (portugáliai portugál)
Português - Brasil (brazíliai portugál)
Română (román)
Русский (orosz)
Suomi (finn)
Svenska (svéd)
Türkçe (török)
Tiếng Việt (vietnámi)
Українська (ukrán)
Fordítási probléma jelentése
Hozzászólási szabályok és irányelvek
Hozzászólás jelentése
I lately saw an url that i would have not recognized as fake. In a search result. And in the url bar there would be a tiny dot below a letter.
Thats why you need to stick to recommendations like "never".
Even using a searchengine can be dangerous, so never just do things.
What I need to find out - which I've already asked STEAM support - is what data was accessed and such.
Accessing from desktop would have shown some more info. I checked my browser history on my phone - all of the links from "https://steamcommumutiy.com/" - which has two letters out of place. Well - wrong spelling overall. So it was missed because I was driving.
The site is no longer up - seems to have been taken down. Either by reports made or because they've gotten into enough accounts.
There may be others like that in future - so please be careful.
The hijacker could access everything you can.
You could do these things to make sure every other "user" is gone.
Check that the email and phone number on the steam account are still yours.
Deauthorize all devices https://store.steampowered.com/twofactor/manage
Change your password on a secure device.
Generate new back up codes. https://store.steampowered.com/twofactor/manage
Revoke the api key https://steamcommunity.com/dev/apikey
Classic. And that's why there are hundreds if not thousands such threads on here. NOBODY reads these things BEFORE they need it. And then they make yet another thread nobody (who needs it) reads.
No API keys. Already logged out all devices. Just didn't generate the new backup keys. Thanks for that. Will do shortly.
Understood I wasn't on a STEAM page or site. What I find interesting is how it was handled. Theory is, it seems to have used a front end to mimic the STEAM site layout and then once the STEAM Guard code is entered, it kept the session information and passed it on to the hackers. You get a generic failure message that makes you think it's genuine.
From the dates and timestamps, the problem was - initially - that I used the link. Next that I opened it while driving and couldn't validate properly. Next that I realized a problem but delayed in doing checks. Had I not been busy with work, I'd have checked it when I got home. Only now on the weekend did I have some time to check.
Point made that nobody checks these until after the fact. We are more reactive than proactive. Just hopeful that the info will find someone beforehand, and with the info and links provided I'm hoping it'll help someone.
What I'm doing is sharing the thread and info with those I know. Once it's passed on at least some persons will be aware.
Items in my inventory were transferred out to other accounts. I found the accounts that my items were sent to - and I raised the concern with STEAM. They pointed me to these.
Steam Item Restoration Policy
https://support.steampowered.com/kb_article.php?ref=9958-MJDG-3003
Apparently there's no recourse for items sent from your account because account security is the responsibility of the end user.
These are their "Account Security Recommendations".
https://support.steampowered.com/kb_article.php?ref=1266-OAFV-8478
They also said "In addition, we are unable to recover any friends or Community groups that have been lost or deleted."
I have quite a lot of items lost now. I'll be making a note of it and seeing how things go.
*EDIT*
So after taking a tally - it's 12+ games and 200+ tradable items. These were amassed over years since I've been with STEAM from.....forever. Was introduced to HL1 and CS way back before competitive online gaming was a thing - back when you had to go to venues to have any kind of competition - back when we had dial-up. While it doesn't harm me personally, the part I'm most upset about is the contacts. The items I can probably buy if I REALLY wanted them out the market. The games I had in my inventory for friends - old or new. Not sure if you're aware, but STEAM had a policy where you can't add friends unless you have one paid game in your list. Not sure what it is like now, but that was the purpose of the extra games in my list.
Games lost include:
The Last Remnant™
Terraria
Skullgirls 2nd Encore
Prince of Persia®
PAYDAY™ The Heist
Onikira - Demon Killer
Machinarium
Far Cry® 2
ComiPo! Highschool Starter Pack
Broken Sword Trilogy
Alien Breed™ Trilogy
Age of Empires II (2013)
These were held in storage for trading as I said. Items? Well now...
-Torchlight II, Chivalry: Medieval Warfare, Reus, Dead Island Riptide, Aiai, Eggman, Shadow, Witch, Smoker, Hacker Concept, 「Shen Woo」, 「Clark Still」, 「K'」, 「Ash Crimson」, 「Kim Kaphwan」, 「Ralf Jones」, Beach, Outlander, Dark Knight Detective, King of the Seven Seas, Emerald Knight, Amazon Princess, Night's Edge, Mr. Crow, Xan, Through the Flames, Explosive, Pool Repair, Need a Doctor, 「NESTS-style Kyo」, 「Robert Garcia」, 「Mr. KARATE」, Frost King Spotting, Pink Knight vs. Painter Boss, Beefy Sandwich, White Pawn (Foil), White Pawn, Black King, Black Knight, Black Pawn, ASHIGARU, VANGUARD (Trading Card), JIRO (Trading Card), Skaarj, Behemoth Concept, Berserker, Embermage, The Arsenal, The Wilds, Walrut Head, Kit Ballard, Allied Assault, Allied Sniper, Axis Panzerschreck, Hooning Is Not A Crime, Sno* Problem, DC Compound, Evil Goat, Three Horned Goat Jesus, Wistful, Chloe, Waka, Mikoto (Trading Card), Purna (Trading Card), Sam B (Trading Card), Zombie, Glowing Mushrooms, Living Wood, The Underworld, Night's Edge, The Skulk, TSF Marine, Special Ops Marine, The Fade, Gary Coleman, The Champ, X Dude, The Gang, Nyte Blayde, The Herald of the Walking Apocalypse, Oleg Kirrlov the Brute, Nyte Blayde, Witch-Bride of Achriman (Trading Card), Bio-Mechanoid, Antaresian Spider, Gnaar, Scarlet Pilot, Amber Pilot, Emerald Coalition Mecha, Nordic Ruins, Daedric Warrior, Daedric Warrior, Nordic Ruins, Fleshpound, Husk, Clot, Scrake, Vlad, Troll, Swarm Baron, Wizards, OSTRICH SLUG, Gal DONALD MORDEN, MARCO ROSSI, FIO GERMI, Monster in the shadows, US Sniper, US Sniper, HEAVY (Trading Card), ENGINEER (Trading Card), PYRO (Trading Card), MEDIC (Trading Card), MEDIC (Trading Card), Squigly, Cerebella, Filia, Valentine, Double, Wilson, Willow, Life Element, Shield Element, Lightning Element, Shinobi, Shogun, Shepherd, Hoarice, Shepherd, The Knight Rider, Castle Blood, Silence, Marked, We've Always Been Together, Combat, Masked, Battle vs Chess Booster Pack, No Transparency, The Magician's Joy, Mercy of the Saint, Vengeful Spirit (Trading Card), Tiny (Trading Card), Tiny (Trading Card), Riki (Trading Card), Dust: An Elysian Tail Booster Pack, Injustice: Gods Among Us Ultimate Edition Booster Pack, Tusk (Trading Card), Phantom Lancer (Trading Card), Vengeful Spirit (Trading Card), Vengeful Spirit (Trading Card), Stardust Vanguards Booster Pack, Gogeta, Frieza, Cell, T-Bone (Trading Card), Home Base, Everything is Under Control, F.A.N.G (Trading Card), Ryu/Ken, Necalli, F.A.N.G (Trading Card), Zangief, F.A.N.G (Trading Card), Dhalsim, Ryu/Ken, IDF, Arumat (Trading Card), Arumat (Trading Card), Myuria (Trading Card), Lymle, Lymle, Green, Ghost Android, Nakamura, Jacker (Trading Card), Blue, Red, Quirrel, Dung Defender, Hollow Knight (Trading Card), Broken Shell, Broken Shell, Battle vs Chess Booster Pack, INTERNATIONAL ROUNDHOUSE, CLASS A4 "MALLARD", SOUTHEASTERN CLASS 395, DiRT 3 Complete Edition Booster Pack, STAR OCEAN™ - THE LAST HOPE™ - 4K & Full HD Remaster Booster Pack, Schneider, Circuit To Success, The Comfort You Deserve, The Comfort You Deserve, The Duelist, Dactyl Riders, Centaur Man, Vile MK-2, MMXLC: Axl, Vile MK-2, The Duelist, PTOLEMY, AYA, JULIUS CAESAR, Cooked Meat, Guts, Trisha?, Ham Fisted, Grey Mother, Sorrow Pass, Kit Cat, Muscle Governor, Drakoth (Trading Card), Emilienator, Kit Cat, Governor, Kit Cat, Gilda Ire, Vladyn The 100 Demon Arm, Wyatt Goibniu, Battle vs Chess Booster Pack, Left 4 Dead 2 Booster Pack, Charlotte (Trading Card), Riesz (Trading Card), Shizuka, Magicka 2 Booster Pack, Dragon form, Dragon form, Frog form, [GGI] Sol Badguy, Eddie (Trading Card), Faust (Trading Card), Randi (Trading Card), Luka, Gemma (Trading Card), Randi (Trading Card), [GGI] Potemkin, Pip Holy Beast Form, It Was You!, End of the Line, Knife Way to Make Friends, Kwolok, Twillen (Foil Trading Card), Twillen (Trading Card), New Family Member, Opher, Ambush, Breach, Range Rover SVR, BMWI8, VW, Mammoth Tank, Masks On, Happy Forest, Happy Forest
And that's not everything. But these include items I spent time to acquire. Some I may not get back. So again - let's see how things go.
Here is a better awarness post:
Stop driving and texting, FFS.
Losing a few cheap items is way too low of a price you had to pay.
♥♥♥♥♥♥♥ word!
I despise people that don’t give their driving complete attention. That is exactly how accidents happen.
LoL. Love the turn. Lemme be the troll. I text with both hands while driving. Been doing so for years. Not everyone has the dexterity. Should I mention I was also on calls with my office at the time? Attention divided. Fully concentrated on the road.
Let's see.....30 years of doing so with no accidents.
Agreed. Texting and driving is not recommended.
As I've said repeatedly, but let me make it more clear. I'm not looking for sympathy. Everything can be bought back. I'm putting the info out so people can be aware and realize that there's no recourse from STEAM.
Cheers.
Yeah. The advice is typical cyber security stuff. Validate the link etc... If I were at my PC or laptop then I'd have seen the mistake in the spelling. URL didn't fully display in the phone browser. Work has also been hectic. To the point that a business partner is thinking of sending help from overseas. So looking at STEAM was last on my list before the weekend.
Got back a few friends and ran some CS Source off my VPS. So that's a plus. Now to plan a link up to wash away the issue.
Good stuff. And with the evolving methods in use it's best to be like that. Had two friends - persons I know personally - send similar links. That's what lowered my guard. Plus was driving between locations for work.
Won't be a second time for me. But hoping the lesson will be taken to prevent a first time for others.
But this is what I tell my family, wife, and daughters stop trying to do everything on ya cell.
There are only Three things I do on my phone, check my bank account log in with my fingerprint, through the Apple-provided app, I text, and make calls. I stay logged out of all web browsers. And will be installing Bitdefender on all cell phones, It has saved my rear many times on my PC.