Todas las discusiones > Foros de Steam > Help and Tips > Detalles del tema
MKBMW 11 FEB 2024 a las 23:01
Advices on hijacked steam account
Since I got phised half year ago , I started to pay more attention on my account security , unfortunately this happened again to me yesterday by the same Russian dude sending phishing link of catch 50 dollars link to my friends. Please may I have some advices on how to prevent it again. ( I didn't click any phishing link after first hijacking )
Things I have done after got hijacked second time:
1.changed password and email
2.de Auth all devices
3. Requested new back up code on steam guard
4. Used Malwarebyte to scan my pc but no threats are found
5. Checked the api revoke link , but I am not sure is it ok since the section is blank ( not sure it is the input box for new api or what)
One thing I am alerted of is the 2nd time hijacking happened after I login web steam by mobile chrome browser by around 6 hrs . On account of the first phising case, could it be possible sth related to Chrome cookies or what still being hijacked by the same dude and he could access my web steam session token ( or similar stuff)? I have cleared all my website info ,steam password saved by Chrome and cookie stuff just before posting this and wonder this could help or not.
Thx for reading my trash english
Última edición por MKBMW; 11 FEB 2024 a las 23:17
< >
Mostrando 1-10 de 10 comentarios
Callahan420 11 FEB 2024 a las 23:11 
Do them in this order.

Scan for malware https://www.malwarebytes.com/
Deauthorize all other devices https://store.steampowered.com/twofactor/manage
Change passwords from a clean computer
Generate new backup codes https://store.steampowered.com/twofactor/manage
Revoke the API key https://steamcommunity.com/dev/apikey
Stop using shady third party skin trading/gambling sites or clicking suspicious links.
#1
MKBMW 11 FEB 2024 a las 23:28 
Publicado originalmente por Callahan420:
Do them in this order.

Scan for malware https://www.malwarebytes.com/
Deauthorize all other devices https://store.steampowered.com/twofactor/manage
Change passwords from a clean computer
Generate new backup codes https://store.steampowered.com/twofactor/manage
Revoke the API key https://steamcommunity.com/dev/apikey
Stop using shady third party skin trading/gambling sites or clicking suspicious links.
I have done these already, just make sure it has nothing to do with web cookies or related stuffs as the hijacking bypassed my steam guard. Two possibilities contributing to this are i again enter all my login credentials and authorization code on the phishing link
( which are likely not in this case after got hijacked first time ). Another possibility would be somehow he stole my session token so he enters my account just like using my pc, I know this could happen if my pc is shadow-hijacked, but since Malwarebyte scans no virus or sussy stuff , I doubt it had to be sth done with my web security
Última edición por MKBMW; 11 FEB 2024 a las 23:48
#2
shiel 12 FEB 2024 a las 3:20 
The easiest way to avoid it is to not be a moron. Never sign into Steam from third party sites or links sent to you.
#3
MKBMW 12 FEB 2024 a las 4:32 
Publicado originalmente por shiel:
The easiest way to avoid it is to not be a moron. Never sign into Steam from third party sites or links sent to you.
Absolutely, I am just upset about the hacker is still capable to hijack my account after I went through the recommended procedure. (Like the I didn't click any sus link and enter login credentials to non steam website after first hijacking, but it still happens second time,so probably there might be some gateway for him to get my info either by a hidden virus or sth relate to chrome cookie since i have heard hacker can keep our session token and thus hijacking users account permanently )
#4
Lilim 12 FEB 2024 a las 4:36 
Publicado originalmente por MKBMW:
...so probably there might be some gateway for him to get my info either by a hidden virus

Have you scanned your computer for malware?

Here are some other common "gateways":

  • Have you been asked to vote for a team/tournament/pixel art?
  • Have you been asked to register for a tournament?
  • Have you used any third-party site for gambling or trading?
  • Have you logged in on a public device?
  • Have you entered any giveaways/giveaway groups?
  • Have you tried to claim any "free 50$ gift cards"?
  • Have you talked to an "admin" after being "accidentally reported"?
  • Does someone else use your PC or your account?
#5
N3tRunn3r 12 FEB 2024 a las 5:00 
If you logged in into a scam/phishing site, you gave away all of your Steam Account credentials and login informations. A bot creates and places an API-key into your Steam account and therefore get semi-full access to it. This API-key in this case can be seen as a legitimiate "trojan", and/or as a remote access for developers.

Even your SteamGuard Codes / 2FA get become cloned for them .. or simply bypass it ..

Hundreds and thousands of Steam Accounts become hijacked like this on a DAILY BASIS, cuz of greed .. using account credentials and security measures without a brain ..

Here, this is my version and work through that list, if you havent yet as mentioned above:

# # # # # # # # # # # # # # # # # # # # # # # # #
⚠️ YOUR ACCOUNT HAS BEEN COMPROMISED ⚠️
# # # # # # # # # # # # # # # # # # # # # # # # #

Stay cool!! They have gained access to your Steam account!!

You have been fooled/tricked by scammers/hijackers to give away your login credentials on some fake and/or phishing website, link or similar!!

DO "NOT" TRADE
Many scams try and scare you into trading your items and they become hijacked !!
Hijacked money and items will NOT be recovered by Steam Support since 2015 !!

Steam Item Restoration Policy
https://help.steampowered.com/en/faqs/view/3B6E-B322-2400-8D24


⚠️ Act now immediately and do following steps "ASAP" ⚠️
  1. Scan for malware:
    https://www.eset.com/int/home/online-scanner/

  2. Change your E-Mail Account password from a trusted/clean computer or device!!

  3. Check, if your E-Mail address and Phone number are still correct:
    https://store.steampowered.com/account/

  4. Revoke/Delete the API key, there should be a blank field in the APIKEY section:
    https://steamcommunity.com/dev/apikey

  5. Immediately deauthorize all devices - this logs you out of Steam:
    https://store.steampowered.com/twofactor/manage

  6. Change Steam Account password from a trusted/clean computer or device!!

  7. Generate new backup codes:
    https://store.steampowered.com/twofactor/manage

  8. Deauthorize all devices again:
    https://store.steampowered.com/twofactor/manage

  9. Re-check the APIKEY section & report all involved scammer/hijacker on associated platform/s!!

How to Report a Scammer, Hijacker or Phisher
https://help.steampowered.com/en/faqs/view/4D07-D139-587C-2080

  1. Report Player
  2. They are involved in theft, scamming, fraud or other malicious activity
  3. They are engaged in item theft or scamming
    or: They are trying to steal my account or information
  4. Submit this account for review
  5. "your personal text"

Recovering a Stolen or Hijacked Steam Account


To Recover, if you don't have access to the account
https://steamcommunity.com/sharedfiles/filedetails/?id=1126288560


Scam FAQ (Confidence Scams and Trade Scams)
https://help.steampowered.com/en/faqs/view/70E6-991B-233B-A37B


Also check from where your account was being accessed from:
https://help.steampowered.com/en/accountdata/SteamLoginHistory


Open a Support Ticket, Steam Support might help localizing the hijacker:
https://help.steampowered.com/en/wizard/HelpAccountDataQuestion


Here is more account related data to find:
https://help.steampowered.com/en/accountdata/


Good Luck !!

:cwat:
Última edición por N3tRunn3r; 12 FEB 2024 a las 5:01
#6
Muppet among Puppets 12 FEB 2024 a las 8:23 
If you are sure you did not leak the details again,
it must have been a device you used.
#7
nullable 12 FEB 2024 a las 8:30 
Publicado originalmente por MKBMW:
Publicado originalmente por shiel:
The easiest way to avoid it is to not be a moron. Never sign into Steam from third party sites or links sent to you.
Absolutely, I am just upset about the hacker is still capable to hijack my account after I went through the recommended procedure. (Like the I didn't click any sus link and enter login credentials to non steam website after first hijacking, but it still happens second time,so probably there might be some gateway for him to get my info either by a hidden virus or sth relate to chrome cookie since i have heard hacker can keep our session token and thus hijacking users account permanently )

Patting yourself on the back for not clicking on links or falling for phishing (as far as you know) but not keeping your system secure doesn't really improve your situation or negate your responsibility for your account being repeatedly compromised.

Fact is you're probably not being l33t h4x0r'd, even if the idea is attractive because you think it somehow negates your responsibility. Ultimately whether you're leaking your credentials, or your whole system is compromised, that's still all you. Neither your system nor your account became compromised in a vacuum.
#8
MKBMW 12 FEB 2024 a las 8:55 
Alright thx for replying my post , hope scanning pc thoroughly and maintain a good habit of using internet could prevent this happening again
#9
MKBMW 12 FEB 2024 a las 10:25 
Publicado originalmente por nullable:
Publicado originalmente por MKBMW:
Absolutely, I am just upset about the hacker is still capable to hijack my account after I went through the recommended procedure. (Like the I didn't click any sus link and enter login credentials to non steam website after first hijacking, but it still happens second time,so probably there might be some gateway for him to get my info either by a hidden virus or sth relate to chrome cookie since i have heard hacker can keep our session token and thus hijacking users account permanently )

Patting yourself on the back for not clicking on links or falling for phishing (as far as you know) but not keeping your system secure doesn't really improve your situation or negate your responsibility for your account being repeatedly compromised.

Fact is you're probably not being l33t h4x0r'd, even if the idea is attractive because you think it somehow negates your responsibility. Ultimately whether you're leaking your credentials, or your whole system is compromised, that's still all you. Neither your system nor your account became compromised in a vacuum.
Hmm what's the point of saying that? I have told you I already used Malwarebyte to scan my pc and no threats could be found , also I am asking for could there be any possibility the hacker can hijack my account again via web cookies or session token.. Moreover I always keep my windows anti-virus service on...
I had never blame anyone , including steam, for my account being hijacked, so you don't have to emphasize my responsibility. If you are willing to help , at least please advise some additional action I could take to secure my system. All in all , I know hijacking won't happen in vacuum, but the problem would be any thing done with web browser.., or the virus is too strong even Malwarebyte, windows defender can't figure it out
Anyway I still appreciate your kindness
Última edición por MKBMW; 12 FEB 2024 a las 11:28
#10
< >
Mostrando 1-10 de 10 comentarios
Por página: 1530 50

Todas las discusiones > Foros de Steam > Help and Tips > Detalles del tema
Publicado el: 11 FEB 2024 a las 23:01
Mensajes: 10
Comenzar una nueva discusión

Normas y directrices sobre discusión