So you know who did it? And how do you know you got it "hacked"?
Comment has been collapsed.
Yes I do.
And I know it was hacked, because within seconds my steam wallet went from $469 to $0 and my csgo stuff was sold on the market.
Got emails showing the transactions that I had apparently bought some worthless stuff for nearly $500.
Then my email address and password were changed.
Comment has been collapsed.
Within seconds?!
How could he possibly do such a thing so fast...
Comment has been collapsed.
I used to play a MMO on a private server before. Their new policy allows us to trade in game stuff for steam stuff.
So I sold inventory for about $700 on steam. I have never spent even one cent on steam. Everything you see there came from trading via that game.The only thing I purchase are humble bundles.
Comment has been collapsed.
Steam Guard does nothing if you activate a script with steam already logged into your account. In which case the money in the account is gone, but your items are safe unless you disabled the email verification step. Otherwise then it's all gone regardless of steam guard.
Comment has been collapsed.
First thing to do is to secure your email. After about 3 days or a week, you should get everything back. All the dota items. Not sure about steam gifts though.
Comment has been collapsed.
I don't play DOTA. I do play CSGO though.
Mainly concerned about the $469 in steam wallet.
As for email, I have always used very secure passwords on my emails. Unique. In excess of 20 letter+ digits.
I did do a system restore and then run a scan using Microsoft Defender, which didn't turn up anything.
Comment has been collapsed.
That's very disturbing. It was probably done through some security loop in steam itself, or you have some clever trojan/backdoor aboard.
Comment has been collapsed.
using microsoft defender as an antivirius is your first flaw lol, that wouldnt find poop under its own nose
go with the antivirus tri-force
malawarebytes
emsisoft anti-malware
and spyboy search and destroy
all free and all find different stuff its the ultimate virus killing team, ive used all 3 for over 8 years with no complaints and never a single virus
plus it would be a good idea to get the free "avast" cuz it will tell you if you go to a webpage that tries auto downloading a virus and it will stop it "I.e. clicking random links on steam"
Comment has been collapsed.
Actually, the most effective defense is to not be connected. You can be the most tech savvy individual and still manage to be hit by a new virus or security flaw. Insinuating that someone is dumb for being infected, is at the very least, poor form.
Comment has been collapsed.
youre right, but no connection is not really an option.
what i meant is: to have a pretty good (but not perfect protection):
nobody can be considered dumb just because he got infected. but dumb (better: careless) people get infected more often.
Comment has been collapsed.
Was in lobby with someone from friend list. They pretended that they were using this new app for talking among themselves.
It is common for people to use external apps to talk among themselves in csgo since it helps against latency issues.
What I should have done was taken more care to see what I was downloading. However the page seemed fine, and because it was a guy on friend list and not a bot, I didn't think anything was remiss.
It was one of those things, where in hindsight I could have been more vigilant, but got blindsided by the attack from an unexpected source.
Comment has been collapsed.
http://store.steampowered.com/subscriber_agreement/
You are solely responsible for all activity on your Account and for the security of your computer system.
ALL CHARGES INCURRED ON STEAM, AND ALL PURCHASES MADE WITH THE STEAM WALLET, ARE PAYABLE IN ADVANCE AND ARE NOT REFUNDABLE IN WHOLE OR IN PART
And if your cs:go stuff got sold on SCM instead of trading it to a hijacker fence, then it's gone for good as well.
Comment has been collapsed.
https://www.virustotal.com/en/url/fbfe6e1d77c2685d52b8174c64f0b1634210d46452345ed9c78a446bf95632e2/analysis/1425308505/ and this http://www.urlreveal.com/reveal?url=http%3A%2F%2Fvoice-speaker.com%2F it's look ok, maybe this isn't the website...
DO NOT OPEN THE LINKS FROM SCANS!!!
Comment has been collapsed.
Website is fine. Its the application hosted on the website.
https://www.virustotal.com/en/file/1fb004bef76e077881205f52ec71d07e64bc443000760cfced1bf37ca9d92c38/analysis/
Comment has been collapsed.
There is nothing wrong with the website. Its the application hosted on the website that is the culprit.
If someone does accidentally click it, it still will not do anything. They need to download and run the application. I doubt someone can do that accidentally, especially if they can see the context this link was posted in.
Comment has been collapsed.
If you play with randoms, always use in-game voice.
Playing with trustworthy friends, I recommend mumble. Mumble is a voice over IP
http://www.reddit.com/r/GlobalOffensive/comments/1y6tzi/i_made_a_mumble_for_redditors_to_find_5_stacks/
Comment has been collapsed.
Yeah but you really don't want to rely on that alone, plus antivirus and malware are two seperate things, a good program you need is this https://www.malwarebytes.org/, and if can't or don't want to pay then even throw in a free antivirus like avg or avira for the heck of it, you can't ever have too much protection.
Comment has been collapsed.
Sry about your situation but try nod32 or kaspersky along with malwarebytes, antimalware apps can't detect some virus and vice versa.
Comment has been collapsed.
you really shouldn't have trusted something that comes installed with windows to be as good as a 3rd party antivirus that has a team that focuses only on one product.
It's like internet explorer vs 3rd party browsers.
even microsoft doesn't really want you to depend on their product.
Comment has been collapsed.
Windows Defender is basically Crap. I suggest that you buy a anti-virus program or download a alternative free anti-virus.
Comment has been collapsed.
Im not really angry at this.
Annoyed a bit at myself for falling for it.. yes. Angry.. no.
Problem is that I don't really have any real cds I buy. And the money on my steam account comes from pre paid credit cards and steam wallet codes that I didn't bother keeping after using them up.
I can offer them humble bundle keys that I have used in the past and I can prove ownership/access of the email account that was in use from the day the account was created 5 years ago till yesterday, when the account was hacked and email changed.
Comment has been collapsed.
They will return iteams :) My brothers account got hacked long time ago and he got back all ,he was 10 then ,easy to fool..They used the same ''Download this to chat with your friends in cs go'' And they try to fool me too ,but my brother never write me in english so... :D
Comment has been collapsed.
Im sorry to say that m but im pretty sure Steam Support cant do anything bout your wallet funds...
I've seen quite a few reddit treads bout Similar issues , ppl losing bunch of cash in theyr accounts , all steam did was restore the account , not the content of it .
Comment has been collapsed.
Just write to steam support they can do something after few days with items if they were sent by trade not sell on market. I think you won't get money on your wallet. Someday I was scamed in quite similar way but I lost my dota 2 items and wrote to them.. After few days I got some items not every but some of them. Maybe you will get luck just like me.
Comment has been collapsed.
you will able to restore your inventory due to their one-time exception customer service. It may take weeks for steam support to respond after you submitted the support ticket.
After you submit the support ticket,
1) Format your pc immediately. (Why? AV cant detect all the malwares. It happened to me before)
Do use https://www.virustotal.com/ to check any suspicious links/ .
2) Change all the passwords after format (include your email acc - make sure your email using 2 steps verification, more secure)
3) Tick the >Deauthorised all other computers in your steam guard setting. (so that ,they wont able to use old steam guard SSFN file to bypass
and steal your items again.
By follow this 3 steps above, your steam acc will safe enough and will not get hacked twice. It will be returned soon.
Besides that, make sure you had enabled Confirmation of Trades in your profile setting all the time. Otherwise steam support will just ignores you.
Steam wont restore your inventory for 2nd time.
I knew it well bcos I am victim before.
Comment has been collapsed.
Thanks for the info. I was not aware that Gmail has a 2 step authentication.
Just set it up, and hopefully it means my email is more secure now.
I can only imagine how hard it must be if someones email gets hacked. Since every service seems to tie to emails now a days.
I dont have my steam account back yet, so I cant deauthorise other computers yet, but I will certainly do it when I get it back.
I did have trade confirmation enabled, but they used steam market to transfer funds, which does not have any verification system in place.
I hope they enable an optional one for the steam market as well.
Comment has been collapsed.
A friends account got hacked once, he got his account and items back after providing a retail serial from one of his games, don't know about Steam wallet though, good thing I have almost never more than a little bit of money in my Steam wallet.
Comment has been collapsed.
You can say good by to your steam wallet and item guy.
Your "friend" give you a fake program with a rat and he keylog all you do. http://en.wikipedia.org/wiki/Remote_administration_software
Download Kaspersky or Malwarebytes scan your pc, kickass the fucking rat and say Fu** You to your "friend". And change all your password, is not because you have 20 letters password you can't get hacked.
Security is just a state of mind.
Comment has been collapsed.
If you use social media like tweeter or facebook change your password to ^^
Comment has been collapsed.
I got hacked 1 week ago, they answered to me back in 3 days. I provided physical CD keys, account details etc, even pictures about the physical CD keys.
Comment has been collapsed.
orly? its so easy to use virustotal or jotti....
https://www.virustotal.com/de/file/1fb004bef76e077881205f52ec71d07e64bc443000760cfced1bf37ca9d92c38/analysis/1425305332/
edit: it calls to https://mail.ru/... .i´ll leave more info when i got his username and pw
it also edits your hosts file, check it!
he used Resource Tuner to edit the executable.
the tool he used is called "XSteamCSGOItemsHacker"
it scans only within steam and opera, creates a sql table and stores all information before it sends to mail.ru
Author "Faker" // thread: http://youhack.ru/showthread.php?t=447203
maybe i have time later to find the opcode
his site? http://web1maker.ru/
http://web1maker.ru/base/js/default2.js
var log_pass = 'ftjkyNb4F0Eg8FVoIEBM';
37.57.176.105 <---- "stealer" Kiev , Troeshina
he is either russian or from the ukrain!
Comment has been collapsed.
I got my account back before 15 days passed (luckily because of steamguard my items have not yet been traded out). You better update your support ticket if you have not yet included proof of ownership (receipts for games you purchased on steam) so they can process it out faster before the market/trade restrictions get lifted.
Comment has been collapsed.
I have provided all the proof I had.
Provided them a copy of my drivers license (they have a copy from before when I had to prove that I am not a US citizen).
I provided them game keys I have used in the recent past. Provided them a copy of email receipts from steam purchases.
Comment has been collapsed.
Now there is no reason for them to not retrieve your account before the hacker messes up with your inventory. Hope they get back to you soon, it just takes a big toll on your patience to wait.
Comment has been collapsed.
is that your alt account?
http://steamcommunity.com/id/rahulah
if not then its him, no calling out at all or do you see any?
just trying to help to get rid of the scamming shithead
Comment has been collapsed.
This is why everyone should ALWAYS have 2-step phone security verification added on to their e-mails or any type of important accounts online. Lets say the hacker knows your e-mail password and logs in... But wait... There's another login password! That's where the 2-step verification does its magic... Hacker becomes frustrated because he doesn't know that random generated code that was sent to your phone and gives up... TA DA! No more getting hacked and losing all your shit... (Unless you lose your phone)
Comment has been collapsed.
trust to drugs...interesting name....seems like the drugs made their way through to your logical center.
why should he "forgive" his account ;)
Comment has been collapsed.
because apparently it is also a wine that had happened, he clicked on an image or just passed by reference
Comment has been collapsed.
Let me think.
There was one attempt back in 2013, where in my drunken stupor, i had clicked an offer on one of my trades. It was a very convincing
impersonator of the famed steam user, Palm Desert. I found that by clicking the link i was given, sent me to the impostor Desert's Account. Which again was convincing at the time, i then received several emails from steam that attempted to log my account in from Russia. Despite me being still logged in. I fucking clicked authorize by mistake. Luckily i had the good sense to change passwords immediately and then de authorize all machines associated with my account. Two Step Verification is very much recommended but i have no idea what the provisions are for if and when you lose your phone. Since i'm still in control of my account, i guess it worked. But now i never log into my steam when under the influence. I should have considered the fact that someone with that many games would never want anything i have in a trade.
Comment has been collapsed.
i cant understand something...
and sorry if this bothers you but i just want to know...
you logged with your steam password into "voice-speaker" ? are you sure you didn't log into another page "similar" to steam page?.
funny thing... i cannot see "voice-speaker" in google's results, but the page (going trough direct link) looks good.
Comment has been collapsed.
its a stealer....you dont have to type anything
the site is a FAKE....
Comment has been collapsed.
The exe will enable them to control your pc remotely ( i guess it is a backdoor functioning like teamviewer). They will strike again and give you blue screen of dead and loot away all your things again if you have not format your pc. I believe the hacker is the same person that stole mine (ukraine). Steam support is one of the worst customer service i ever faced before. They said they will investigate the case and basically no result/update for months (after i got hacked for 2nd time, i regretted i didnt format my pc immediately).
Comment has been collapsed.
I already did a format on my PC.
I believe the steam folder was messed up, because even after a reinstall, the steam client could not connect, until I did a fresh install on it.
Ran a McAfee scan on my whole PC, and seems to be clean right now.
Comment has been collapsed.
Wait, what you did isn't clear. The Steam folder was "messed up", so it was still around after you "did a format"? And you tried to run it after the format? Doesn't sound like you properly nuked everything from orbit :P .
What you need to do is make a backup of everything you care about on your computer, and treat the backup as infected, i.e. don't run any executable or open any file from it without scanning it with virustotal or several antiviruses. Or better: don't backup any programs. Then reinstall Windows from a trusted disk and format all hard drives from the Windows install. Then you can assume you have a virus-free install of Windows.
Comment has been collapsed.
My Steam folder is on a separate drive. Initially, I just nuked my SSD, which has Windows on it.
Steam still didnt connect, so I deleted it got a fresh copy. Installed Mcafee and scanned all my drives, and no issues were detected. Mcafee did detect something wrong with the file that caused all the trouble, so I have faith that it would have detected anything left behind. There is no way I am nuking all 5TB+ worth of stuff on my HDD if the scans are coming up clean.
Comment has been collapsed.
I wouldn't want to nuke 5TB of stuff either :P. It's just running the previous possibly infected Steam that strikes me as a horrible idea. Let's say it asked for admin permission and you granted it, you'd have to reinstall Windows again since it could have installed an undetectable rootkit.
If you didn't run any pre-format program with admin perms without scanning it first you should be fine though. It's normal that Steam didn't work without a reinstall btw, it relies on a system service to do most of its admin work without constantly prompting you. You deleted said service when reinstalling Windows.
Comment has been collapsed.
And the steamsupport don't do anything, like always.
Comment has been collapsed.
430 Comments - Last post 6 minutes ago by DiabLXIX
82 Comments - Last post 1 hour ago by AkulahArjuna
212 Comments - Last post 3 hours ago by DVDVD
372 Comments - Last post 3 hours ago by CeleryMan727
115 Comments - Last post 3 hours ago by CeleryMan727
20 Comments - Last post 4 hours ago by Gamy7
60 Comments - Last post 7 hours ago by Microfish
64 Comments - Last post 12 minutes ago by UnbakedBacon
1,184 Comments - Last post 18 minutes ago by Gelweo
24 Comments - Last post 23 minutes ago by Metalhead8489
133 Comments - Last post 40 minutes ago by SyrslyTwitch
628 Comments - Last post 58 minutes ago by xspiral97
99 Comments - Last post 1 hour ago by FranckCastle
290 Comments - Last post 1 hour ago by Konsterter
Hey,
I just got my Stem Account hacked. Unfortunately was not expecting someone from my friend list to do it, so I was not careful enough to avoid it.
I was just wondering what other people who had their accounts went through. Is Steam support able to return the stuff back? How long do they take? How was the whole experience. And what precautions do you now take to ensure this does not happen to you again?
I already contacted the support, but have not yet had a reply back aside from an automated one.
Comment has been collapsed.