Installer Steam
connexion
|
langue
简体中文 (chinois simplifié)
繁體中文 (chinois traditionnel)
日本語 (japonais)
한국어 (coréen)
ไทย (thaï)
Български (bulgare)
Čeština (tchèque)
Dansk (danois)
Deutsch (allemand)
English (anglais)
Español - España (espagnol castillan)
Español - Latinoamérica (espagnol d'Amérique latine)
Ελληνικά (grec)
Italiano (italien)
Bahasa Indonesia (indonésien)
Magyar (hongrois)
Nederlands (néerlandais)
Norsk (norvégien)
Polski (polonais)
Português (portugais du Portugal)
Português - Brasil (portugais du Brésil)
Română (roumain)
Русский (russe)
Suomi (finnois)
Svenska (suédois)
Türkçe (turc)
Tiếng Việt (vietnamien)
Українська (ukrainien)
Signaler un problème de traduction
Procédures à suivre et règles des discussions
1 
Signaler ce message
Follow steps 1-6 to secure your account:
1. Scan for malware https://www.malwarebytes.com/
2. Check that the email and phone number on the Steam account are still yours.
3. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
4. Change passwords from a trusted/clean device.
5. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
6. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
Regarding items:
https://help.steampowered.com/faqs/view/3B6E-B322-2400-8D24
1. I had downloaded from another post I've googled in. Some data got 'leaked' now how I am supposed to be responsible if linkedin get hacked? Steam got hacked in the past.
No, my steam password is different and unique, it couldn't be get like this anyways.
2. Still mine.
3. Did. Logged off, and bugged for an almost infinite cycled. Now it seems I cannot login anymore without the steam app (which needs many attempts to login.)
4. I am trying to change from my iphone, but steam app is bugged as hell. It ask me to change, give me code below, ask me the code, and there's no box to type in, only a "leading icon emotion/gif"
5. Lol I have clicked "Deauthorize all other devices" but when I clicked on this link, the steam app is still authorized, which makes sense since it loged in again from this. If I unchedk this, pretty sure I won't be able to login anymore.
6. there was nothing there.
The only browser which I've ever logged in is google chrome, which I use to watch videos on youtube and work.
My extentions are ad blocks.
One extention for web page readability.
one extention for Tampermonkey which I've installed months ago, it's used to automatically place the current card price or lower by 0,01. Since I had hundreds of cards, I needed it.
No other extention, never logged on steam in any other browser, and my steam password had always been unique, which I often make unique password for everything.
No e-mail request authentication. No SMS authentication. Meh...
It doesn't say from whom I bought from, neither does the e-mail I receive does.
How does someone use all my money, without e-mail authentication, sms authentication, and without I even knowing from whom I bought from?
Here is a wild concept, let's assume my computer got infected (the program at least think it's fine)
Then, how only my steam account get cleaned? sure I had 100 BRL, fine. But I have bank accounts, which have more than that. Why didn't say the person tried to purchase something on let's say Amazon, if they could login, they would have my credit card, right?
Only steam happened, from where I had the least amount of resources... I mean.. This hacker may really wanted to sell his cards at a inflated price tag, I suppose.
no e-mail athentication, no sms request. For what I know they didn't even logged in, because I get an e-mail request when I try to login, when I format my computer. No nothing request.
I don't even know whom the f. "I" bought it from.
Why are your steam credentials on linkedin?
If you download malware because you blindly trusted something, that's still your mistake. Either way your problems or LinkedIn problems having nothing to do with Steam, it's not Steams fault even more so than "not your fault".
Your email could be compromised too. Why would it necessarily end at Steam?
That might all be true. Although your account could have been compromised a while ago. People make mistakes. People forget. It can be hard to remember everything you've done over several months.
The reality is you probably weren't l33t h4x0r'd, and if you decide Steam must have been, well it would have affected thousands or millions of users and be frontpage gaming news. I'm not seeing those headlines today though. Realistically users are directly involved in their accounts being compromised. Users are the weakest part of security so they're the biggest target. And you may never be able to figure out exactly what happened.
You might look at this way. You would bet your life your security habits are flawless, and you would never make a mistake? I mean I wouldn't if I were you.
Yeah it sucks. The internet is a dangerous place. If you can make any improvements and up your security game, this occurrence should convince you to take another step.
These types work almost instantly, seizing all your account credentials and sending them back to the perpetrator.
You can forget to look up your market history. Even if you found the buyer/seller of your items/wallet, you will not get them back. Every market transaction is final.
I don't think I have a flawless system nor that I am perfect. I just find it curious why someone would waste their time stealing 100 BRL, when they could go for my credit card or for my bank account. Also malware bytes thinks my computer is clear. For whatever that matters.
1. No I didn't put my steam account on likendin. Malwarebytes asked for my e-mail, then it pointed 19 site leaks, one of which was likendin in 2016 (different password) and another was Ebay 2025 (which I haven't logged in, since pretty much I created long time ago)
If my e-mail was compromissed, then why didn't they changed my e-mail and password?
Also why didn't I receive a e-mail or sms authentication, if both were registered.
If I format my computer or try to login from a different address say, my mom's house, it request a validation before loggin in. So if my steam password got leaked from my computer, why were they able to login without authentications?
I mostly download course videos. My most recent downloads were Python from their officialwebsite, Pycharm from their official website and a video course that I got from the net.
Which contain video format files.
But as you've said, say I have downloaded a infected file. Why steam, why not my bank account or credit card? Why didn't steam ran an authentication?
Why I can't even know from whom these items were bought from?
Besides malware bytes, what else can I do, to certify that my computer is clean?
If your question is why they didn't go after your credit card details, that means the creator of that malware never targeted it in the first place.
It is useless because one, the market transaction is final, and two, the buyer/seller could be sockpuppet accounts or innocent users.
Malwarebytes is enough, though if you aren't satisfied you can install one more and do a full scan. Kaspersky or Bitdefender.
A more advanced step would be a factory reset or reinstalling windows.
Well they may not have nicked those details yet. Or they're focused on Steam accounts because that's safer. At any rate the "I'm too insignificant so I'm safe" thinking is a fallacy.
Also it's not like scammers are just some annoying kid in a basement randomly going after accounts one at a time. They're not like a fisherman on a dock with a single fishing pole. It's a business for them. They've got a fishing boat and they're casting a huge net. And even if you're fishing for sardines, yeah each individual sardine is insignificant. But 100,000 sardines adds up.
So why waste their time over 100 BRL? It's what they could get. Looks like $17.00 USD. Ok, well $17 times a thousand users just like you, or ten thousand users just like you. At what point do you think it adds up into real money? That's why.
And credit card/banking fraud is riskier business. Banks and law enforcement probably spend time hunting those things down. But Steam store credit? Virtual game items? Yeah, let's talk when there's an international effort to hunt down those criminal rings.
I can't speak to every decision a criminal enterprise makes. But ask yourself why don't all thieves rob banks, museums and Fort Knox? Why would you ever mug an individual, or rob a gas station or some other small potatoes target? The reasons and possibilities are myriad.
Also consider we don't need to prove to you that you've been robbed. You know you've been. The details of why are kinda moot. It happened. Whether it was the only thing they could access, or it's the only thing they target isn't going to change much.
It's just a possibility and might explain things. Also depending on the circumstances. Imagine you're a criminal. Do you always tip your hand as quickly as possible? Changing an email password is going to tip you off immediately. Not changing it may grant you access for a long period of time. There is no rule book. It's not like you can call foul if an attacker doesn't do what you assume they'll do.
Cybercrime may not be your area of expertise, you might need to admit to yourself that you're at a disadvantage when you're dealing with a person or group who has made a career out of it. Most of us would be, simply because of experience disparity.
Credentials are how your authenticate. If someone has sufficient credentials to access the account and do the things, at a certain point it's sufficient proof that the person accessing the account has the rights to do so. You can be critical after the fact, but having N+1 authentication layers isn't something you'd really want to deal with. And it's not something that's going to happen only when you think it would be convenient.
Because for the way I see it.
- Money stealing is a common practice and nothing is done about it.
- I cannot change my password through steam app, because it doesn't work. trash app.
- I cannot change my password through google chrome, as it 'may be infected,' thus lose it's purpose.
- currently I am having trobule to login, because I am doing it by the steam app, which is trash.
- I can't even know whom sold those me inflated junk.I mean, come on... That's beyond ridiculous.
I am 100% sure that this password didn't got leaked on a 3rd site website, for the simply reason that I have never logged in in any website with my steam account, and I use different passwords from accounts in general.
The only possible case scenario would be if my computer was infected, which honestly could happen. I do find it odd that whoever did it, came from my steam funds, instead of my credit card or bank account, which has a lot more value than this.
Besides, I am just unhappy that I was forced to download steam app.
I am also unhappy that steam app is a bugged messy trash product, that doesn't work. (requires many attempts to log in. change password function is currently broken)
And even if my information got stolen, then it was only steam which did leak.
Furthermore if someone got my login/pass. Then why the authentication steps didn't work?
Why can't I even know whom sold me inflated priced junk?
Also since this is a common practice. (Steam sends e-mail and forces users to download steam trash app, because they are aware of this type of occurance.)
If they're aware, why don't they fix it?
If it's common, that's alright.
If my computer got infected, and they manage to steal only my steam info, fine.
if somehow a security system which the whole purpose should prevent thieft, by authentication checks, doesn't actually do what it's mean to, and it's somehow fine. Then that's alright as well.
But I don't think this is acceptable. Since it's a common occurance, I think steam is responsible for it. Authentication should work. Apps critical/high priority functions should work. Steam security was the only one bridged, my bank account and credit cards are safe. Either this hacker is not very smart, or perhaps... Steam is not doing their job.
https://help.steampowered.com/en/faqs/view/21A6-7C93-6CFE-100B
Gonan get those.
I get it, whoever did this, had skills and knowledge. But going for 100 BRL, in a system where your account can get tracked and banned, (if steam ACTUALLY wanted you to know.) and you had to purchase said cards and pay a fee on whatever you receive...
I don't know how much time it would take, but... Does people often leave money hanging on their steam accounts? + What is the odds of someone who has steam get hacked by a 3rd program?
I just don't think it's very profitable, and anybody with this set of skills could be making probably over 100k USD which not only would a honest job, but also stable, no risk of being in jail and more money.
So I don't get it at all. Going for 100 BRL is nothing, if they really wanted a buck, they would target my credit card or my bank account. That what a profissional that makes a living with this would do. The pay rate must be higher than honest work, to be worth the risk.
Well... I know my login and password. If I format my computer right now, it will ask for authentication.
If I clear my brower's cache and try to login, it will ask for authentication.
If I go to different address it will ask for authentication.
On this case? No authentication was requested.
And I am the owner, I have the login, password, steam app, e-mail and phone.
I also have the IP adress where I always login, and if I clear my cache browser, steam would still request it again.
Don't know what to tell you, except this is steam faulty.
Do you honestly believe that this software is working as intended?
That the end result of this practice works favorable towards their consumers? And the end result is a good one?
It asks my credit card infomation, surely I'll send this info to software where I got hacked.
Hey, last time when I tried to change my e-mail it asked for a physical copy of a CD, imagine that... Like we're back in 1900. Huray. I see mad tech right here.
Anyways, obviously not gonna give my credit card number,so I'll just delete the app, remove the client and forget this account ever existed.
I am sure in a scenario where the software has critical/high level failures and only the security credentials get stolen for this specific software, which in turn the hacker manage to bypass the authentication defense system, is 100% user faulty, and steam is a flawless software, god sent. But I'm done.
Stuff like phishing and other social engineering techniques are popular because they're low tech, low effort and very effective, IE efficient.
It's easy to trick users, users are careless and reckless, and otherwise very fallible. Scammers/hijackers also casting a wide net. And there's millions of Steam users, even if only a fraction of a percent get dinged a month it's still a lot of people.
Yes lots of users have money in their Steam wallets. The community market uses wallet funds, and lots of people use that and lots of people primarily fund their accounts based on the community market transactions and it's not like that money has anywhere else to go until a user is ready to spend it.
Well as I mentioned going after Steam accounts is extremely safe. And, people are probably a little more careless and reckless with their Steam accounts because they don't matter, it's small potatoes, it's not serious, etc.
It doesn't make sense to you, but money is money. And this sort of thing is easy money. And the constant churn of thousands of accounts a few bucks per account and an endless parade of users willing to provide account credentials or trade items away or fall for scams makes it worthwhile. You're thinking too black and white. And it's not like they're limited to only doing Steam accounts. No one reason they can't be diversified in their scams or only do one thing.
At any rate the limits of your imagination and assumptions aren't what anything revolves around. Clearly someone thinks it's worthwhile and it's not like they're starving to death or losing money doing it. And even if they're "mistaken" and should be doing something else. Ok. Well good luck with your armchair crime lording.
Lots of users prefer that explanation. Maybe you're right, but not every user who blames Steam is blameless for their account woes either.
And it doesn't account for users who seem to be able to keep their accounts secure. All anyone can do is be as careful as they can be. Maybe there is something you can do to be a little more careful, at least keep the possibility on the table.