your account is compromised
DO NOT TRADE
If you have access to the account

Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)


Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.

Here's the usual steps to clean an infection. Remember to send a warning to your friends afterwards.

Deauthorize all devices https://store.steampowered.com/twofactor/manage
Change your password on a secure device.
Generate new back up codes. https://store.steampowered.com/twofactor/manage
Revoke the api key https://steamcommunity.com/dev/apikey
Check that the email and phone number on the steam account is still yours.

Also an important advice, to avoid such hijackings:
In the future, do not do Steam logins on other websites. Instead do a browser login on the website of Steam (store.steampowered - bookmark it to avoid copycats). Every website, that needs a Steam login, will recognise this and allow you to confirm your account.
If it still asks for your name and password, it is not a real Steam login.

i was just playing games and it just happened out of nowhere xd

引用自 RoXiel：

i was just playing games and it just happened out of nowhere xd

have you secured your account yet? if not, stop posting and SECURE IT before anything else happens.

引用自 RoXiel：

i was just playing games and it just happened out of nowhere xd

This stuff can and does happen at a delay. When you enter your login into a phishing site, most times it's just that the bot is placed in your account in a resting state.
It's up to the criminal behind it, when it takes action.

Also be glad. Most victims fall harder than you. Stolen inventories and wallet funds happen on a daily basis by exactly this stuff.

Yes, do the following steps immediately. (steps 2 and 3 kicks them out)

1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a trusted/clean computer.
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
6. Optional: Change your email's password

引用自 Jerry：

引用自 RoXiel：

i was just playing games and it just happened out of nowhere xd

This stuff can and does happen at a delay. When you enter your login into a phishing site, most times it's just that the bot is placed in your account in a resting state.
It's up to the criminal behind it, when it takes action.

Also be glad. Most victims fall harder than you. Stolen inventories and wallet funds happen on a daily basis by exactly this stuff.

yeah i know. but nothing is really stolen or anything like that from my account. its just that a bot is in it

Which means, the criminal does not see your stuff as valuable enough right now and instead uses you to phish for other victims. Get your stuff sorted (if you haven't done so already now), before they change their mind about the first part.
And as I said, you should consider only doing one-click logins for Steam on external sites. Really makes things much safer.

引用自 RoXiel：

it all just started out of nowhere.

*checks nickname history*

Yep, it comes out of nowhere.

引用自 RoXiel：

引用自 Jerry：

This stuff can and does happen at a delay. When you enter your login into a phishing site, most times it's just that the bot is placed in your account in a resting state.
It's up to the criminal behind it, when it takes action.

Also be glad. Most victims fall harder than you. Stolen inventories and wallet funds happen on a daily basis by exactly this stuff.

yeah i know. but nothing is really stolen or anything like that from my account. its just that a bot is in it

Out of nowehere = out of shomewhere it just took time for them to do something.

STOP playing and DO NOT do anything till after you've done all the steps provided in post #1

Then STOP using dodgy phishing websites like those in your profile name

引用自 DC-GS：

引用自 RoXiel：

it all just started out of nowhere.

*checks nickname history*

Yep, it comes out of nowhere.

They should focus on securing their account first.

After they secure it, then they can argue about how it totally wan't that known scam site with a history of phising people they advertised in their name history.

引用自 Teksura：

引用自 DC-GS：

*checks nickname history*

Yep, it comes out of nowhere.

They should focus on securing their account first.

After they secure it, then they can argue about how it totally wan't that known scam site with a history of phising people they advertised in their name history.

That and if OP checked the spam messages they're likely spamming the exact same site OP has in their username. Wouldn't get more clearer than that

引用自 DC-GS：

引用自 RoXiel：

it all just started out of nowhere.

*checks nickname history*

Yep, it comes out of nowhere.

first of all. the nicknames i had was what i changed myself when i had my csgo phase. it doesn't have anything to do with my nicknames.

引用自 RoXiel：

引用自 DC-GS：

*checks nickname history*

Yep, it comes out of nowhere.

first of all. the nicknames i had was what i changed myself when i had my csgo phase. it doesn't have anything to do with my nicknames.

Generally when people advertise the name of websites known for scamming and hijacking accounts in their name history, it's a safe bet that they have used those sites known for scamming and hijacking accounts, especially when they make a thread seeking help because they have been scammed or hijacked.


So, yeah. The fact that you have advertised in your name history that you used a website known for scamming and hijacking accounts does have something to do with your account being hijacked. It didn't happen out of nowhere. It happened out of you using a website known to do exactly this.

引用自 RoXiel：

引用自 DC-GS：

*checks nickname history*

Yep, it comes out of nowhere.

first of all. the nicknames i had was what i changed myself when i had my csgo phase. it doesn't have anything to do with my nicknames.

Yes it does. Those are scam sites. You advertising them shows that you used them, logged in on them and giving those scammers your account information.

Showing clearly that this did not happen out of nowhere.