Your account is compromised and the hijacker wants to scam you.

Do NOT trade any of your item to anyone and do not attempt to trade anywhere as yet.

You need to follow all of these steps in this exact order...


1) Scan for malware. https://www.malwarebytes.com/

2) Deauthorize all devices https://store.steampowered.com/twofactor/manage

3) Change your password on a secure device.

4) Generate new back up codes. https://store.steampowered.com/twofactor/manage

5) Revoke the api key https://steamcommunity.com/dev/apikey

Exactly what Robin3ak posted is spot on correct, your account been compromised.


Most common reason people get accounts hijack for any service really are as followed.
- Sharing account infomation with others.
- Logging in on phishing sites.
- Downloading / Installing Virus / Keylogger on your system.
- Using public devices that has keyloggers, such as cyber cafe, school computers, and etc...
- Storing your login credentials on a unsecured service that others has access to view.
- Using same login credentials for all your things, or using same login credentials on another service that had a data leak. Yes it does matter because even if it not related to Steam, if using same login credentials, hijackers will try to use those credentials to see what services you use with those credentials. https://haveibeenpwned.com/

Hi, i just received the same thing. I really thought my account would be gone but im glad i found this post. Although i dont understand why anyone would hack my account, the items i can trade are not worth more than 5€ in total... ? Gonna try those steps now

There seems to be an influx of compromised accounts.

We're getting a lot posts about it in our Discord server and on the subreddit of r/Steam.

On the main forums here, a lot of other users are giving away their account details as well.

¯\_(ツ)_/¯

Originally posted by 76561198119986947:

Hi, i just received the same thing. I really thought my account would be gone but im glad i found this post. Although i dont understand why anyone would hack my account, the items i can trade are not worth more than 5€ in total... ? Gonna try those steps now

Nobody is 'hacking' your account - you gave away your credentials to a phishing page and these were login-botted into a real client so you were automatically compromised rather than specifically targeted.

Originally posted by 76561198119986947:

Hi, i just received the same thing. I really thought my account would be gone but im glad i found this post. Although i dont understand why anyone would hack my account, the items i can trade are not worth more than 5€ in total... ? Gonna try those steps now

Doesn't matter what the value of your items, they take whatever they can from you, your account, items, and Steam wallet funds if any on the account, that what they do.

Yes please ensure to follow the steps that Robin3ak provided above, and read my post below his steps which explains the most common reasons why people get their account hijacked.

I see, i could not find any malware although indeed my credentials were leaked on 1 website according to https://haveibeenpwned.com/ . I have no clue what to do with it and if i should be worried? Thanks for the help already, at first i really thought my account would be banned

Also i wonder, how could anyone login to my account without having to use the authenticator on my phone?

Originally posted by Raymond Holt (Velvet Thunder):

Also i wonder, how could anyone login to my account without having to use the authenticator on my phone?

They usually get it when you log in via the page and supply it right there.

2FA is really moot when you give away your auth code.

It does its job when someone just has your account name and password.

Originally posted by Raymond Holt (Velvet Thunder):

I see, i could not find any malware although indeed my credentials were leaked on 1 website according to https://haveibeenpwned.com/ . I have no clue what to do with it and if i should be worried? Thanks for the help already, at first i really thought my account would be banned

Just means, don't use the same password's that you had for that 1 website, so if you have the same password for any of your other services, do change that ASAP, so you wouldn't have to worry about it later down the road. Reason to that is because credentials are sold to any hijackers that looking for accounts to see if they can hijack anything related to the credentials that were leaked.

Originally posted by Robin3sk:

Originally posted by Raymond Holt (Velvet Thunder):

Also i wonder, how could anyone login to my account without having to use the authenticator on my phone?

They usually get it when you log in via the page and supply it right there.

2FA is really moot when you give away your auth code.

It does its job when someone just has your account name and password.

^Exactly.

if you had no 2fa for Steam, then it was cross credential leak.
if you had 2fa for Steam on email, then it was phishing/malware or compromised email account.
if you had 2fa for Steam on mobile, then it was phishing/malware.

it really is mostly that simple

you had mobile authenticator? then you gave your credentials away, including the guard code. from that point there are many different attacks and scams that can be done.

they can overtake your account,
they can pressure you into doing trades via various methods (one you encountered),
or they use the silent variant and just wait for you to do a trade yourself.
all in dozens of variants.