ok

If you are talking about the steam chat app on your phone, then if you know the steam app is the real steam app then yes it is a false positive. Just make sure the app was listed by Valve Corporation

That website isn't related to Steam.
Try to click it from the link you provided. It won't let you go there.
If it was a Valve website, it would not show the red or even yellow tag stating the site could be or is dangerous.

Originally posted by rockstar.:

That website isn't related to Steam.
Try to click it from the link you provided. It won't let you go there.
If it was a Valve website, it would not show the red or even yellow tag stating the site could be or is dangerous.

^This^

I didn't even click the link just because I've never heard of the site before and just assumed you were talking about the phone app.
My suggestion is this:
Don't use any website that claims to be affiliated with steam but doesn't have the
'Valve Corp[US]' in green right next to the site. Doing so is inviting hijackers to take control of your account.
If you're not sure these are the steps to take to secure your account.
I suggest taking these steps to secure your account, just in case.

-Scan for malware. https://www.malwarebytes.com/

-Deauthorize all devices https://store.steampowered.com/twofactor/manage

-Change your password on a secure device.

-Generate new back up codes.

-Revoke any/all api keys you find here https://steamcommunity.com/dev/apikey
-If you don't know what these are, there should be none here.

Do a scan on your mobile device.

No, my PC is not infected. And No, I am not talking about the phone app.

Originally posted by rockstar.:

That website isn't related to Steam.
Try to click it from the link you provided. It won't let you go there.
If it was a Valve website, it would not show the red or even yellow tag stating the site could be or is dangerous.

Rockstar, :). Just because it doesn't open in a browser it doesn't mean it's nothing on that link. I assume it is acting as a hub to chat messages or something backend. Also do not think Panda are in fault because this virus detection happened all of a sudden, without steam client being updated. It did not appear before yesterday. I fear this is yet another exploited vulnerability in Steam, phishing or trojan attack via their chat system.

:) btw, I just tried to reconnect now and I did not get any "1 virus deleted" notification. I assume Valve cleaned the virus on their server. I wonder if they will show some balls and admit their security breach.

Originally posted by zooid:

No, my PC is not infected. And No, I am not talking about the phone app.

Originally posted by rockstar.:

That website isn't related to Steam.
Try to click it from the link you provided. It won't let you go there.
If it was a Valve website, it would not show the red or even yellow tag stating the site could be or is dangerous.

Rockstar, :). Just because it doesn't open in a browser it doesn't mean it's nothing on that link. I assume it is acting as a hub to chat messages or something backend. Also do not think Panda are in fault because this virus detection happened all of a sudden, without steam client being updated. It did not appear before yesterday. I fear this is yet another exploited vulnerability in Steam, phishing or trojan attack via their chat system.

It might be one of their domains that expired & they couldn't noticed it because it was pointless in the first place. Someone else buys the domain and gets access, etc. etc. there's a lot of assumptions that we could make out of that. But all we know is that site isn't related to Steam.

The thing that worries me is that steam has this message when you click the link.

"Link Blocked!
This link has been flagged as potentially malicious."

Meaning that this has been manually flagged as malicious content.
I still suggest avoiding the site altogether. It's not worth losing your account.

And before you say "I've been using this for a long time and had no trouble" These people are known to bide their time and wait until you no longer suspect their site as a possible threat, then lock you out of your account.

My advice: avoid like the plague

Originally posted by Pirson253:

Originally posted by zooid:

:) btw, I just tried to reconnect now and I did not get any "1 virus deleted" notification. I assume Valve cleaned the virus on their server. I wonder if they will show some balls and admit their security breach.

Was a Panda False Positive, not a vulnerability of steam. Also, the link they send was detected as maliciousus because at the end of the url you write is the next simbol: " . this is a little change to the original URL to detect this as not of steam, and also, dangerous

:D I added the " quote because I was quoting the panda notification.

Anyhow, the issue got fixed. Still doubt it's Panda false positive, rather steam got exploited again. I never went to that URL and I didn't whitelisted it in Panda so, doesn't really matter what it was.