You exposed your login credentials:
a) Either by logging into a site that faked a Steam login and made a bot log into your account using the save password as well as the trust device feature while injecting a Steam API access into it.
b) Or by installing malware that stole your session data or injected a keylogger.

For that reason, trading using third party sites is considered a huge security risk.

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a clean computer
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
7. Change your trade link: Profile > your inventory > trade offer > Who can send me trade offer > scroll down and make a new trade link.

Spent Steam Points are non-refundable.

Originally posted by Ettanin:

You exposed your login credentials:
a) Either by logging into a site that faked a Steam login and made a bot log into your account using the save password as well as the trust device feature while injecting a Steam API access into it.
b) Or by installing malware that stole your session data or injected a keylogger.

For that reason, trading using third party sites is considered a huge security risk.

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a clean computer
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
7. Change your trade link: Profile > your inventory > trade offer > Who can send me trade offer > scroll down and make a new trade link.

Spent Steam Points are non-refundable.

Can I recover my steam points?

Originally posted by Cockroach ⁧⁧eater:

Originally posted by Ettanin:

You exposed your login credentials:
a) Either by logging into a site that faked a Steam login and made a bot log into your account using the save password as well as the trust device feature while injecting a Steam API access into it.
b) Or by installing malware that stole your session data or injected a keylogger.

For that reason, trading using third party sites is considered a huge security risk.

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a clean computer
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
7. Change your trade link: Profile > your inventory > trade offer > Who can send me trade offer > scroll down and make a new trade link.

Spent Steam Points are non-refundable.

Can I recover my steam points?

nope

Originally posted by magicISO Sweden:

Originally posted by Cockroach ⁧⁧eater:

Can I recover my steam points?

nope

♥♥♥♥ Steam. I'm moving to Epic Games.

Originally posted by Cockroach ⁧⁧eater:

Originally posted by magicISO Sweden:

nope

♥♥♥♥ Steam. I'm moving to Epic Games.

steam fault that you gave away your login info ? stop using your steam login when they ask for it only place is steam

Originally posted by magicISO Sweden:

Originally posted by Cockroach ⁧⁧eater:

♥♥♥♥ Steam. I'm moving to Epic Games.

steam fault that you gave away your login info ? stop using your steam login when they ask for it only place is steam

Damn, did I sleepwalk, give random people my steam info then accept all Log-in Requests on my turned off phone?

but you can always ask nice to steam support but tell them the truth about where you did login with your steam

Originally posted by Cockroach ⁧⁧eater:

Originally posted by magicISO Sweden:

steam fault that you gave away your login info ? stop using your steam login when they ask for it only place is steam

Damn, did I sleepwalk, give random people my steam info then accept all Log-in Requests on my turned off phone?

still blame steam for your fault

Originally posted by magicISO Sweden:

but you can always ask nice to steam support but tell them the truth about where you did login with your steam

i logged into steam from the "Steam App" on my phone (the google play must have mixed up with the virus version and the regular one) and the "Steam" Launcher on my PC (store.steampowered.com must have provided a virus and not the real launcher)

Originally posted by magicISO Sweden:

Originally posted by Cockroach ⁧⁧eater:

Damn, did I sleepwalk, give random people my steam info then accept all Log-in Requests on my turned off phone?

still blame steam for your fault

yep, its my fault that I got hacked while I was asleep without giving any website other than store.steampowered.com my login credentials (which would also require me to use 2FA)

Originally posted by Cockroach ⁧⁧eater:

Can someone tell me how to revert this as I've been saving up for years and I am absolutely heartbroken that steam would do something like this

You can try to reset (not just change) your password. Resetting your password will cancel all given awards and return your points.

You should still secure your account first (see post #1).

Originally posted by Lilim:

Originally posted by Cockroach ⁧⁧eater:

Can someone tell me how to revert this as I've been saving up for years and I am absolutely heartbroken that steam would do something like this

You can try to reset (not just change) your password. Resetting your password will cancel all given awards and return your points.

You should still secure your account first (see post #1).

thank you so much! i was honestly crying so ♥♥♥♥♥♥♥ hard, ill change my password now

Originally posted by Lilim:

Originally posted by Cockroach ⁧⁧eater:

thank you so much! i was honestly crying so ♥♥♥♥♥♥♥ hard, ill change my password now

You have to reset your password. Changing it doesn't cancel your awards.

Your account is still compromised! Secure your account!

yeah, im doing that right now. thanks, you are a life saver!

Originally posted by Cockroach ⁧⁧eater:

Originally posted by magicISO Sweden:

still blame steam for your fault

yep, its my fault that I got hacked while I was asleep without giving any website other than store.steampowered.com my login credentials (which would also require me to use 2FA)

You're assuming when the attacker robbed your account was the same moment when they got the credentials. What evidence do you have for that assumption? The reality is users give away their credentials and it could be days, weeks, even months before an attacker exploits them.

In short you're making the most convenient self-serving arguments to protect your ego. But it doesn't change reality. You're not alone, human beings are just perpetually bad at account management and account security. The user is the weakest part of the security model, it's why so many techniques involve exploiting user weakness as opposed to l33t h4x0ring the platform. The first is almost trivial, and the other is hard, time consuming, labor intensive and can be fixed quickly. But human beings, they're never going to change, so they're a much more attractive target.

It is possible to secure your account and keep it secure. But it requires you to take this close call and learn what matters and why to avoid future mistakes.