Maybe Steam could make a way for bots to become "verified" or something like that. Or is there any way for Steam to detect bots? Because if so, then they could probably make it so accounts have to be X days old and have had verified purchases or something like that.
Bots still struggle with CAPTCHAs don't they? Why not add one to friend invites and trade requests?
Sure, it's extra hassle for legitimate users, but it seems like a better solution than... say, pre-emptively block every IP from that communist dictatorship.
Captchas can be bypassed by services like deathbycaptcha.com and 9kw.eu. Captchas will stop some bots but not all of them. They can always update their bots. Personally I hate them and I find it uncomfortable to type captchas every time I want to post a comment, add a friend, trade an item or whatever.
Why not insist on a Steam game purchase (and, by extension, a valid payment method) before allowing new users to add friends?
Well, their real life, card-owning friends can invite them...?
Either that, or Steam could be a little more diligent about checking out reported users, and their phishy chatlogs. Since Steam Support seem to be unable to unwedge their heads from their arses, that seems unlikely, so an unfair blanket ruling would seem to be the only workable solution...
I did, and since the idle fuckwits who presumptuously call themselves "Steam Support" are clearly unwilling to do anything at all about individual scammers (or anything else, if truth be told), the collateral damage is worth it to put an end to the incessant deluge of no-mark phishing bots attempting to befriend regular users and part them from their games.
How about "all of my friends play Dota 2 and none of us has a credit card"?
Steam Support thank you for your sacrifice. They opened a family sized packet of Cheetos, and ignored several additional Support Tickets in your honour.
That's why I said a "Steam game purchase" (i.e. purchased via Steam, not a bundle key or freebie game), therefore valid payment information held on Steam's server.
Guess I didn't make that as clear as I intended :)
Yes. You know it's for the greater good. Thank you for your commitment to The Cause.
Nope. I've reported countless bots as spammers, and they're all still active. If anything, the number of invites per day has increased :(
http://www.reddit.com/r/Steam/comments/2n1qmg/these_steamstealers_all_have_a_very_similar_end/
Gurgle528 posted:
I'm a C# coder. The last few Steam item stealing malware (internal name of SteamStealer) have also been coded in C#, so I happened to already have software on my computer to easily decompile them. Doing so has led me to some interesting information (please note, I am in no way professional so mistakes are possible).
The first one I looked at, the one that said "dude wtf" and sent a "screenshot", was not obfuscated in any way. I decompiled it easily (using dotPeek, so it was literally 1 click) and found the Steam profile items were going to. The name "traders123123" probably refers to the fact that it had (apparently it no longer has them on its friends list) two private accounts named 123 on its friends list. The general way it worked is the malware would send items to the account (which had to be public, otherwise it couldn't receive trade requests). The account was bot run and would accept the requests and take the items. Every once in a while a (presumably) human operator would comment on the account's profile a link to another profile, and items would be sent to that account [not certain]. If the account was a private account the account would be set to public so items could be sent to it and then it would be set back to private (by a human operator possibly, one of the 123s did occasionally have a human operator that would chat with people). I followed a bunch of the links that were in the profile's comment section and well they lead to more profiles with more links until eventually you reach a dead end. The majority of profiles seemed to be Russian, with the exception of an Albanian and Argentinian and a few others. A few of the Russian profiles linked to the main 123 (the other never seemed to be used) and referred to it as "vanguard", which [barring any slang meaning, I don't speak Russian] probably means they use that account as a protective layer for transferring items that weren't obtained legitimately.
The second one was a better attempt in regards to hiding who they are. They used Confuser (considered to be the best free obfuscator) to obfuscate their code, but I just used NoFuser and then decompiled with dotPeek to reveal the same base code as the previous malware with changes for new Steam accounts. Something that didn't change was the strange "123" account. This account was different and seemed to be running different bot software (the other 123 would automatically accept friends, this did not. The other public account used for trades also would automatically block people that sent friend requests, this one did not). This attack seems to be a script kiddie's recreation of the previous attack, with numerous holes. The new profile that was used does not own any games (the previous owned CS:GO to get CS:GO items), and thus cannot trade (you need SteamGuard enabled for 15 days to trade). This should render the malware fairly useless, however he has 313 "Steam" items in his account which may be stolen.
Both attacks used reg.ru to host their sites, so the second attack might be Russian in origin but I'm not certain on that one.
Both of these attacks are potentially by the same people, at the very least they are by people who probably browse the same websites (maybe a Russian hacking forum?) because the back-end bot software isn't easily available to my knowledge.
My question is: is there any way Steam can stop these attacks? They read Steam's memory and take the Steam client's session so maybe they could change the way one of those works? Or maybe just make it so you can't use one trade token for hundreds of trades?
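The quoted post asks whether one trade token could be kept from absorbing hundreds of trades; the same idea works as detection. This is an added example, not part of the original thread or anything Steam runs: it flags trade tokens that receive one-sided offers from many distinct senders inside a short window. The event schema, token names and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data with a hypothetical schema (not Steam's):
# (timestamp, sender account, recipient trade token, items given, items received)
def sample_events():
    base = datetime(2014, 11, 22, 12, 0, 0)
    events = []
    for i in range(6):
        # TOKEN_A: six different senders hand over items for nothing within 10 minutes
        events.append((base + timedelta(minutes=2 * i), f"victim{i}", "TOKEN_A", 3, 0))
        # TOKEN_B: ordinary two-sided trades
        events.append((base + timedelta(minutes=2 * i), f"trader{i}", "TOKEN_B", 1, 1))
        # TOKEN_C: repeated gifts from one and the same sender
        events.append((base + timedelta(minutes=i), "friend", "TOKEN_C", 1, 0))
        # TOKEN_D: one-sided offers from different senders, but days apart
        events.append((base + timedelta(days=i), f"gifter{i}", "TOKEN_D", 1, 0))
    return events

def flag_tokens(events, min_senders=5, window=timedelta(hours=1)):
    """Map each flagged token to its peak count of distinct one-sided senders per window."""
    by_token = defaultdict(list)
    for ts, sender, token, given, received in events:
        if given > 0 and received == 0:  # sender gets nothing back
            by_token[token].append((ts, sender))
    flagged = {}
    for token, offers in by_token.items():
        offers.sort()
        start, best, counts = 0, 0, defaultdict(int)
        for ts, sender in offers:
            counts[sender] += 1
            # Slide the window: drop offers older than `window` before this one.
            while ts - offers[start][0] > window:
                old = offers[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_senders:
            flagged[token] = best
    return flagged

if __name__ == "__main__":
    print(flag_tokens(sample_events()))
```

Counting distinct senders rather than raw offers keeps a friend who gifts repeatedly (TOKEN_C) from tripping the rule, and the time window keeps slow, unrelated gifts (TOKEN_D) out.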