Steam hack?

H

Huan

[H]ard|Gawd
Joined
Nov 3, 2001
Messages
1,697
Anyone else been receiving e-mails of purchase's you haven't made on steam and the currency used in RUB?

I've sent in a support request with their help department and its been nearly a week sense i've started trying to convince em its me etc.. This morning I received notice that they have changed my e-mail information and some how got it confirmed (e-mail wasn't hacked oddly)..

Anyone got a number I could call to get this resolved? It has been ages sense i've used this service being i'm on crappy 3g with a low cap.. But I still don't want someone using my name to steal CC information and do god knows what else...

I haven't seen any of these charges on any of my cards neither.. I'm not sure what the hell is going on :eek:

Edit reason: Just to clearify, i'm not ripping steam, I'm just wanting to make sure there hasn't been clever phishing scam Fing with me.. I never use direct links in e-mails to investigate either
 
Last edited:
Can you still log into your steam? If someone jacked your steam account and is making purchases you'd be able to see the games on your list if it's legit. Just log in and see if these "new" games are on your list of uninstalled games if you still have access, if you cant log in, then you know the "changed email/login" notification is legit. It's probably a phishing scam though. Hopefully anyway. I wish you luck.
 
i doubt someone would hack into an account just to buy games for that account, chances are the games are being bought as gifts with stolen cc's and then gifted out to other accounts. so none of the games would actually show up in his library even if he can log in.
 
Wildace said:
i doubt someone would hack into an account just to buy games for that account, chances are the games are being bought as gifts with stolen cc's and then gifted out to other accounts. so none of the games would actually show up in his library even if he can log in.
Click to expand...

But they will show up in purchase history.
 
try to change your password. you might be keylogged so try a different computer if at all possible. and call steam customer service asap. this is definitely a cc fraudster. while he isn't using your cc, he's using others' cc info with your account.
 
Run some malware/antivirus then change email/steam passwords if possible.
 
I got an email today from President Obama (right from his office) saying theres a pill that will make my dick 15". Doesn't mean its real though.
 
lloose said:
I got an email today from President Obama (right from his office) saying theres a pill that will make my dick 15". Doesn't mean its real though.
Click to expand...

If Obama said so, you can be sure its real.
 
I got an email last week from Steam that I had requested a password reset so someone's making the rounds. It was not me and nothing had been compromised.
 
Steam finally contacted me after all this time.. I filled them in on the new updates and they say my account had been hijacked and they have reset my password, but now when attempting to log in, it just stops responding /sigh.. I just want to change the damn password and be done with this! lol

Is monday a maintenance day or something for steam?
 
K, thankfully I seem to at the moment at least have control of it again... Looking it over it was someone from russian federation, nizhegorod ? The fox avatar was freaky as fuck, holding an apple iphone...

Looks like FM_Fixxxer was right.. They was using my account to purchase "gifts" for other accounts.. Buying these gifts seemed to result in earning free games on my account, which the perp played.. Looks like he/she/it bought some as a test on the account too... I expect them to disappear in a day or so depending on how strict steam is on all of this... /shrug.. I'm on verizon 3g, i cant afford to download the games lol
 
Son of a

The person in question is once again trying to reclaim control of my account lol. I have the extra guard placed in the settings, so its sending the confirmation numbers to my e-mails (which he/she doesn't have access to)...

I just hope they don't some how get a new password to take the account over even though they shouldn't be able to....

I understand why blizzard went with an authenticator app now..
 
The Safeguard thing is great though once you link it to a trusted PC. I wouldn't stress anymore, Steam knows its fraudulent attempts, they'll take care of it
 
K, I should be good then... They hammered some attempts during 11pm to 11:10pm, so I mentioned to them to maybe look at the ip address with the wrong info during that time and maybe ban it or whatever they can do from their network...

heres to hoping this crap stays in my control!
 
lloose said:
I got an email today from President Obama (right from his office) saying theres a pill that will make my dick 15". Doesn't mean its real though.
Click to expand...

Obamacare now offers pills that will increase the size of my dick? God bless that man.
 
Huan said:
Son of a

The person in question is once again trying to reclaim control of my account lol. I have the extra guard placed in the settings, so its sending the confirmation numbers to my e-mails (which he/she doesn't have access to)...

I just hope they don't some how get a new password to take the account over even though they shouldn't be able to....

I understand why blizzard went with an authenticator app now..
Click to expand...

Steam Guard only triggers if they use a correct Username/Password combination. The person in question has your new password, you should change it again, and also might want to figure out how they got your new password. If this were my PC, I'd already be in the process of wiping the disks and restoring an image.
 
I used Malwarebytes as a dedicated anti-trojan and Eset smart security for a firewall / anti-virus. I'm connected to a physical router.
 
MrAgmoore said:
Formatting is a bit drastic.

Solve the problem with Anti-Trojan and Anti-Virus packages:

http://www.malwarebytes.org/

http://www.eset.com
Click to expand...

Disagree. Once a system has been compromised it can no longer be trusted. Trust must be reestablished from a known good state, in this case a system image or a system reinstall and backups.

If the system was compromised already, installing anti-malware software on to the pre-compromised system will not reestablish trust. On the other hand if you had your system already secured with anti-malware and it got compromised anyway then you can't use that same software to reestablish trust by definition as it was unable to secure the system in the first place.

In either event it will take less time to do a reinstall or re image than trying to scrub a system back in to a pre-compromised state in a provable way, and with Windows 7 these days providing built-in system imaging capability there's no reason not to.

TLDR version; The only way to be sure is to nuke it from orbit.
 
They seem to have backed off.. Steam was constantly sending me e-mails with the new temporary password to change my "forgotten" password that they was attempting to figure out... After some hammering they stopped... I currently have spy-bot, and NoD32 on my system with windows firewall.. I'm connected via verizon 3g through an iphone tethered to my computer... But I will check out the suggested software and see what it finds just to be safe... Paranoia is Underrated :)
 
On a similar note I have two brand new games in my library that I have no idea where they came from. Nothing shows they were gifted to me and they don't appear in my accounts. The first game is Take On Helicopters (no it isn't in my wishlist) and second is Party of Sin (also not in my wishlist)
 
Malware bytes didn't find anything... Think it was just a potshot luck of the draw they guessed my old password.. It will be hell guessing the new one... If i lose the password i'm even screwed lol...
 
Huan said:
Malware bytes didn't find anything... Think it was just a potshot luck of the draw they guessed my old password.. It will be hell guessing the new one... If i lose the password i'm even screwed lol...
Click to expand...

Consider using a program such as lastpass if you feel like you won't remember complex passwords.
 
Huan said:
Looking it over it was someone from russian federation, nizhegorod ?
Click to expand...

Shocker. Between eastern europe - especially Russia - and China, its a race to the bottom for scam/fraud king, with poor Nigeria left behind in behind in 2008 holding its diseased pud wondering where it all went wrong.

Huan said:
Malware bytes didn't find anything... Think it was just a potshot luck of the draw they guessed my old password.. It will be hell guessing the new one... If i lose the password i'm even screwed lol...
Click to expand...

Not luck of the draw, your old password was weak. Nobody is sitting there manually trying to guess your password one attempt at a time, nor did anyone single you out. Its a mostly automated set of tools - including captcha handling - that the hacker is running against many accounts, not just yours. Running paranoid malware/AV scans on your local system is unnecessary but doesn't hurt, because Steam and Origin hax don't go down that way - they don't need to.

As long as you've got Steamguard enabled your acct is 90-95% more secure. Origin OTOH, well I know people that got hacked and never got their accounts back and ended up having to re-buy BF3. EA support is just that braindead and behind the curve on this particular attack vector that continues to hemorrhage.
 
Last edited:
My Steamguard-enabled Steam account is registered to a gmail account with two-factor authentication enabled.

You can and should use two-factor authentication on google/gmail, yahoo mail, Facebook, Dropbox, and most certainly on LastPass.
 
You must log in or register to reply here.
Back
Top