Remove the malicious link immediately or risk a permanent ban. Idiotic behaviour

Oh ♥♥♥♥, I didn''t even think of that. Thanks for the warning.

Originally posted by wat_is_deze_ding:

Oh ♥♥♥♥, I didn''t even think of that. Thanks for the warning.

Cheers! First thing your friend must do is make sure his PC is secure against harmful infections such as keylogging material and malware. He should download Malwarebytes from their official site for free and run it along with running his standard anti-virus. ALL passwords associated with the device in regards to online accounts must be changed after it's secure against lingering infections.

As his account is compromised in this way; he can attempt to self-lock it but if this isn't possible due to the nature of the hijack; he'll need to contact Support if he hasn't done so already.

So locking the account and having the support take a look at it is the only way to fix it?
Or would using proper antivirus software fix it?
In other words, is this limited to his computer being infected, or is his account messed up in general?

uh,,

Originally posted by wat_is_deze_ding:

So locking the account and having the support take a look at it is the only way to fix it?
Or would using proper antivirus software fix it?
In other words, is this limited to his computer being infected, or is his account messed up in general?

It depends how compromised the account is. If he can still login and access it; he can just change the passwords and de-authorise all other devices so nobody can else can use it but him on his own computer. If he can't get into it; Support is the only way. He should notify Support regardless as he could be seen as accountable for the malicious links being farmed out so he should notify them in detail of the situation to avoid possible severe reprocussions down the line.

Bottom line though; he needs to run anti-malware and anti-virus on his computer without fail before doing anything else. Steam being compromised is one thing but he could end up seeing his personal information and other sensitive account details stolen. These software can only remove infections - the Steam account compromise has to be dealt with by Support or through him if he can obtain control of the account.

He just logged in on my PC to check it out; he always had Steam guard enabled and it was now off for some reason, so he reenabled it and changed his password, and he's downloading malwarebytes at the moment. Waiting to see if it's still gonna send bot links or not.

If you wish to add me, pm that phishing/malware URL, I can remote snoop it. Give you some idea of what it is and also have the malicious hosting suspended/terminated in most cases.

(whatever you do, just don't click on those links yourself)

Updated: For you, your friend and others information

Phishing website of Google Screenshots - Faking an image screenshot, which is actually an exploited SCR file, auto-running a variant of MSIL/Kryptik.DNX trojan.

If anyone is infected with this, your personal files might start being encrypted, when finished the virus will lock out your access and attempt to blackmail you into payment.

Avoid paying - you can get decryption software from most anti-virus offical websites to do that for free.

Originally posted by wat_is_deze_ding:

He just logged in on my PC to check it out; he always had Steam guard enabled and it was now off for some reason, so he reenabled it and changed his password, and he's downloading malwarebytes at the moment. Waiting to see if it's still gonna send bot links or not.

He should de-authorise all other devices too when on his own PC as this will block any other users having access to his account at that time. Also when he's secured his PC with the relevent software; he must then change every online account password he has.

Don't worship Malwarebytes to much. Running an online scan is a bad idea by definition. While it might work in practice, it might also not to.
And no, an online scan doesn't have anything to do with the internet. A weird person on this forums keeps claiming that starting in safe mode without networking means it'll be an offline scan. It wont.