Accounts using steamguard can't be hacked, you've leaked your info including your steamguard code somehow.

Follow all these instructions, otherwise you can't be sure that no one is still on your account:

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

There are only 3 ways for others to get into your account:

1. You either got infected and had malware steal your active session, which means steam thinks it is your own doing. (Or you logged in on another infected machine)

2. You entered your login + Steam Guard code somewhere you were not supposed to. (Scanning the QR code to login does the same)

3. Someone else has/had physical access to your devices. (Or you forgot to logout after being in an internet café etc.)

You can't deny all 3 of these, it's impossible to get into your account otherwise.

Stolen wallet or items that way will not be refunded, as it is the users responsibility to make sure their accounts are safe.

Originally posted by Dan5000:

Accounts using steamguard can't be hacked, you've leaked your info including your steamguard code somehow.

Follow all these instructions, otherwise you can't be sure that no one is still on your account:

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

There are only 3 ways for others to get into your account:

1. You either got infected and had malware steal your active session, which means steam thinks it is your own doing. (Or you logged in on another infected machine)

2. You entered your login + Steam Guard code somewhere you were not supposed to. (Scanning the QR code to login does the same)

3. Someone else has/had physical access to your devices. (Or you forgot to logout after being in an internet café etc.)

You can't deny all 3 of these, it's impossible to get into your account otherwise.

Stolen wallet or items that way will not be refunded, as it is the users responsibility to make sure their accounts are safe.

Under 1. happened to me. He sold some cards and from the combined sells (my cards are worth only 0.03 euros or something like that I dont dabble in card trading) bought a card for 1.75 euros. It still sits with me. I changed all my passwords both email and steam from another machine. Then i purged my laptop by reseting the pc and deleting everything. I even clicked the option to clean disk C during win 11 reinstall. Then after reinstalling win 11 I used Kaspersky Rescue Drive and it found nothing. Is this enough to clean my laptop of malware?

Originally posted by Dan5000:

Accounts using steamguard can't be hacked, you've leaked your info including your steamguard code somehow.

Follow all these instructions, otherwise you can't be sure that no one is still on your account:

1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)

There are only 3 ways for others to get into your account:

1. You either got infected and had malware steal your active session, which means steam thinks it is your own doing. (Or you logged in on another infected machine)

2. You entered your login + Steam Guard code somewhere you were not supposed to. (Scanning the QR code to login does the same)

3. Someone else has/had physical access to your devices. (Or you forgot to logout after being in an internet café etc.)

You can't deny all 3 of these, it's impossible to get into your account otherwise.

Stolen wallet or items that way will not be refunded, as it is the users responsibility to make sure their accounts are safe.

I had my profile for 20 years, I know when I approve something or not. I only use the Steam Guard. I didnt "leaked" my steam codes anywhere.

Do you how to contact Steam Support regarding this? Cant find anything on this site.

I logged in with my account on a public computer at a esport organisation. I understand that the computer can be infected, but how can they trade my items without me approving with Steam Guard?

Accounts on Steam are PHISHED not hacked because the end user gave away all their account details, giving them access to their account.

The account name, the password and the KEY to the door, the Steam Guard Mobile code, or scanning the QR code or authorising via fingerprint giving them access to the account.

How? by either logging into a known scam site or sites, tailored malware on your PC, the vote for my team scam, you have a pending ban scam on Discord, free knife click the link, signing in through a fake login window, the fake Valve employee scam, free $50 Steam Gift Card etc.

How does Steam (a program) know it is not you when all the account details are correct? It doesn't, therefore any action taken on your account is seen as you doing said actions.

The alternative is not plausible:

1) Someone would have to "GUESS" your account name from "millions of possible combinations".

2) Next they would have to "GUESS" your password from "millions of possible combinations" and then match it to your account name with "millions of possible combinations".

3) And finally they would have to "GUESS" the Steam Guard Mobile code "which changes every 30 seconds" to match both your account name and password to then have access your account.

The weakest link is the end user, not the security offered.

Scammers are quite aware that Steamguard exists, so they have adapted their cons accordingly.

As an example, nobody(?) tries stolen credentials from other sites, since that only triggers are Steamguard response that they can't pass.

Instead, they are now approaching people directly, to con them into handing over the information they need.

Originally posted by MoveX:

I had my profile for 20 years, I know when I approve something or not. I only use the Steam Guard. I didnt "leaked" my steam codes anywhere.

Do you how to contact Steam Support regarding this? Cant find anything on this site.

First stage is denial. Never leaked steam codes.

Originally posted by MoveX:

I logged in with my account on a public computer at a esport organisation. I understand that the computer can be infected, but how can they trade my items without me approving with Steam Guard?

Then comes realization that there could have been a time when those codes could have been intercepted.

Originally posted by MoveX:

Can anyone help with this?

You have to help yourself. Follow the steps you were given to secure your account.