Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Discussions Rules and Guidelines
Report this post
1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
Regarding items:
https://help.steampowered.com/faqs/view/3B6E-B322-2400-8D24
Most likely if your not using your pc , i imagine your using a mobile smartphone device. They probably installed something bad on it, or you visited a trading site to trade skins or something and they fooled you into giving your credentials away. Follow the step above as Aluvard posted to make your phone safe. Malwarebytes even has a smart phone version too.
Obviously, i have already stated WHAT hijacked me, it was a RAT an remote acces tool. I was NOT logged into steam on this pc which was RATTED. It only got them my username and password. HOW did they bypass steam authenticator??
If you had Steam set to save login so you didn't have to enter your credentials, including 2fa code, the RAT stole the login token that stored the fact it's already logged in. With a token transferred to the hijacker it would show you logged in on their system.
Save my login seems nice and speeds things up but in the case of a system compromise it a huge problem. Same thing has been done to countless other people, lots of popular youtubers accounts where hijackers upload deepfakes trying to coax viewers to invest in cryptocurrencies and stuff
Even though I am to lazy, so I use Steam Guard to log in...
The machine I'm commonly using has bin powered off but was recognized to be online in hongkong, even though my computer is located in Germany...
For the moment the only thing you can do is to force a log out of all your steam devices, change your password, disable Steam Guard, reenable it and do all the log in again... this will help at least for a while
Yes, spot on. You practically invited him to waltz right in.
You gave him the key and said "Here you go! Take whatever you like."
Pretending you're not guilty won't help at all. Admitting it and adjusting your online habits? Now that's progress.
Again, i KNEW i was ratted. i downloaded the wrong thing and instantly knew it was a rat. I thought i had removed it with malwharebytes BUT just incase i had my paypal that is connected to bank and my steam accounts forcefully logged out, so even I had to use a 2fac on the ratted machine to get in. so again, stop spewing ♥♥♥♥♥ and answer my question. How did they bypass my 2fac
This was said above by Supafly but I am unsure how to quote on discussions.
That entirely answers how they bypassed your 2FA.
Missed this answer. Thank you for telling me
If you had a authentication and you were completely offline I can't see how this was possible.\
-as a wise man once said "respect your elders who have been on steam longer than you"
I can't comprehend how stupid yall are. I was clean wiping my PC at 8 PM when i found out he was active on the PC by using my GMAIL. at 10 PM, when my PC was already reformatting and plugged of ethernet they got into my steam.
You probably dont know the answer so thats why you are trying to make me look stupid. I have alot of experience in this ♥♥♥♥ so i was actually dumbfounded that they still were able to get into my steam, and also sell items without an authenticator.
Again i downloaded a rat. iknew it was a rat. my antivirus removed a file. i thought i was safe. i still took precaution and logged my important stuff out. and they still got into my account.
Also to look back on ' respect your elders ', my oldest steam account has 20 years of service mate, just csgo vac banned so i needed this new one