Все обсуждения > Форумы Steam > Help and Tips > Подробности темы
Mat'yus 18 июн. 2022 г. в 9:22
Hacked account and Stolen wallet money
Today before noon some Asian hacked into my Steam account. Changed email and password. Thanks to the keys that I had saved on my computer, I got my account back. However, this is only half the information.
It turned out that he had bought some Dota 2 items worth PLN 150 from my account. I suspect the seller is his trading account ... I was collecting money in my Steam wallet, putting some money aside each month from the beginning of January. Any chance I could get my money back? I didn't make the transaction - I live in Europe.
The account was secured, and yet it was hacked, and so was the theft of money.
< >
Сообщения 115 из 16
Astaroth 18 июн. 2022 г. в 9:29 
Автор сообщения: Mat'yus
Any chance I could get my money back?

No

Steam Item Restoration Policy

Steam Support does not restore items that have left accounts for any reason, including trades, market transactions, deletions, or gifting.

Community Market FAQ
How can I reverse or cancel a completed Community Market transaction and/or get a refund?

All purchases are final – you will not have any right to a refund or a reversal of any Community Market transaction once it is completed.

Автор сообщения: Mat'yus
... and yet it was hacked

No, it wasn't. It was hijacked, most likely by phishing
#1
Mat'yus 18 июн. 2022 г. в 10:24 
So according to Steam, it's my fault the money was stolen? This is not my friend or business partner. The transaction was made without my participation, after the account was hijacked. I assure you, I do not share login details with anyone, I do not click on suspicious links.
#2
Astaroth 18 июн. 2022 г. в 10:56 
Автор сообщения: Mat'yus
So according to Steam, it's my fault the money was stolen

Basically, yes. You're responsible for the security of your account as per Subscriber Agreement

Steam Subscriber Agreement

You may not reveal, share or otherwise allow others to use your password or Account except as otherwise specifically authorized by Valve. You are responsible for the confidentiality of your login and password and for the security of your computer system. Valve is not responsible for the use of your password and Account or for all of the communication and activity on Steam that results from use of your login name and password by you, or by any person to whom you may have intentionally or by negligence disclosed your login and/or password in violation of this confidentiality provision. Unless it results from Valve’s negligence or fault, Valve is not responsible for the use of your Account by a person who fraudulently used your login and password without your permission.

Автор сообщения: Mat'yus
I assure you, I do not share login details with anyone, I do not click on suspicious links.

You did, at some point, otherwise your account wouldn't have been compromised

Speaking of which, you should perform these security measures to secure your account

1. Deauthorize all other devices from here
2. Change your password on a secure device from here
3. If you have the Mobile Authenticator enabled, generate new back up codes from here
4. Revoke your API Key from here. The "Domain Name" field should be empty, like shown in this image
5. Optional: Scan your computer for malware. You can use Malwarebytes[www.malwarebytes.com]
6. Optional: Change your email's password
#3
J4MESOX4D 18 июн. 2022 г. в 11:04 
Автор сообщения: Mat'yus
So according to Steam, it's my fault the money was stolen? This is not my friend or business partner. The transaction was made without my participation, after the account was hijacked. I assure you, I do not share login details with anyone, I do not click on suspicious links.
Absolutely. Users are responsible for their accounts at all times. Steam is not a bank and store credit is not insured. All you can really do is secure your account and report any ones that may be involved.

Somewhere along the lines you allowed your entire credential set to be captured and your account shadow-hijacked.
#4
Muppet among Puppets 18 июн. 2022 г. в 12:23 
Contact support about what happened and the money and what happened with that.
Maybe they can do something.

Of course after you secured your account and checked the contact details are right now.
Отредактировано Muppet among Puppets; 18 июн. 2022 г. в 12:24
#5
Mat'yus 18 июн. 2022 г. в 12:50 
Автор сообщения: Muppet among Puppets
Contact support about what happened and the money and what happened with that.
Maybe they can do something.

Of course after you secured your account and checked the contact details are right now.

Secured, two times checked. I sent message with all info and screens. Tried the best before to secure acc... It was, but didnt work. Almost ten years no one hijacked my acc. Good my acc back, but Im not feeling good anyway.
#6
Ducks on Fire 18 июн. 2022 г. в 13:04 
Автор сообщения: Mat'yus
Автор сообщения: Muppet among Puppets
Contact support about what happened and the money and what happened with that.
Maybe they can do something.

Of course after you secured your account and checked the contact details are right now.

Secured, two times checked. I sent message with all info and screens. Tried the best before to secure acc... It was, but didnt work. Almost ten years no one hijacked my acc. Good my acc back, but Im not feeling good anyway.
Were you ever prompted to log in to Steam from any sort of websites you've used?
#7
Mat'yus 18 июн. 2022 г. в 13:10 
Автор сообщения: Ducks on Fire
Автор сообщения: Mat'yus

Secured, two times checked. I sent message with all info and screens. Tried the best before to secure acc... It was, but didnt work. Almost ten years no one hijacked my acc. Good my acc back, but Im not feeling good anyway.
Were you ever prompted to log in to Steam from any sort of websites you've used?

I have not logged in to other sites via Steam. The only authorization is my phone, I haven't logged in anywhere else. I only use Steam. I don't take part in giveaway, I also have games on other PC platforms.
#8
Crazy Tiger 18 июн. 2022 г. в 13:14 
Автор сообщения: Mat'yus
Автор сообщения: Ducks on Fire
Were you ever prompted to log in to Steam from any sort of websites you've used?

I have not logged in to other sites via Steam. The only authorization is my phone, I haven't logged in anywhere else. I only use Steam. I don't take part in giveaway, I also have games on other PC platforms.
The way Steam accounts get hijacked usually is either via phishing or malware. Usually it's phishing. Very occassionally it's reused weak accountnames and passwords.

Keep in mind that phishing sites can be very convincing. And that it can happen to the best.
#9
Muppet among Puppets 18 июн. 2022 г. в 13:58 
I would start thinking about any situation where you used your login details anywhere outside the login to your steam when starting it.

If there is no situation (as in none), and you did not use the password for some other account as well,
it leaves the possibility of an infected computer.
#10
Mat'yus 18 июн. 2022 г. в 14:08 
Автор сообщения: Muppet among Puppets
I would start thinking about any situation where you used your login details anywhere outside the login to your steam when starting it.

If there is no situation (as in none), and you did not use the password for some other account as well,
it leaves the possibility of an infected computer.

Antivirus is detecting threats, but even it could be mistaken. I dont know. But never had problems with "hijack", only one time. Almost 10 years ago, but guilty one was my ex girlfriend.
#11
lolschrauber 18 июн. 2022 г. в 14:40 
If you're telling the truth, you had an incredibly weak password and someone had to guess your username. Still, it'd be impossible to get in if you had 2FA Activated.

This doesn't quite add up
#12
Mat'yus 18 июн. 2022 г. в 15:13 
Автор сообщения: lolschrauber
If you're telling the truth, you had an incredibly weak password and someone had to guess your username. Still, it'd be impossible to get in if you had 2FA Activated.

This doesn't quite add up

My password was long, it was easier when I was a child. I had everything set up before the event, but it wasn't enough. Currently, all other accounts have been checked and changed passwords, as a matter of principle. I can not do more, only scan the system and hope that the situation will not happen again.

It sounds unbelievable, but with everything on, I was robbed - it happened. If there were more forms of security, I'd have all of them checked, believe me. I have few accounts and I care about everything. Especially since I never had a lot of money for games.
#13
J4MESOX4D 19 июн. 2022 г. в 2:20 
You definitely gave away your credentials somewhere along the lines but just don't realise it. To date, Steam has never been 'hacked' by definition and they certainly wouldn't target you alone out of over 100m active users. As said above, to login, they'd need to guess your login name and password plus a changing auth cde which in itself would be an absolute miracle and the equivalent of winning the lottery jackpot 100 times in a row.

The only logical and simplest explanation is you gave away your entire credential set to a phishing login without realising.
#14
Phoenix 19 июн. 2022 г. в 4:29 
Автор сообщения: J4MESOX4D
The only logical and simplest explanation is you gave away your entire credential set to a phishing login without realising.

This. I find it quite a bold claim to make that your account was hacked (i.e. somebody hacked Valve, exfiltrated the user database and somehow reconstructed the password from the saved hashes) instead of your PC being compromised or you simply having fallen for a scam and getting phished.

Given the evidence it is far more likely that you have compromised your own account.
#15
< >
Сообщения 115 из 16
Показывать на странице: 1530 50

Все обсуждения > Форумы Steam > Help and Tips > Подробности темы
Дата создания: 18 июн. 2022 г. в 9:22
Сообщений: 16
Новое обсуждение

Правила обсуждений