Help me D-Pad....you're my only hope. My Steam account got hacked somehow and I lost $200. I'm baffled.

Thread: Help me D-Pad....you're my only hope. My Steam account got hacked somehow and I lost $200. I'm baffled.
JohnnyFlawless

JohnnyFlawless

Member
 
Platforms
  1. PC
  2. Xbox
  3. PlayStation
A couple days ago, I get a message from someone on my friend list asking if my account hot hacked. He then directs me to my profile where it had been edited to appear as if my account was being banned in an hour and I had to move all my items to a new account. Obvious scam, I call him on it and clearly his account was hacked. A couple minutes after I call him on it as I'm reverting my profile back, $200 in my steam wallet disappears. A purchase was made by my account to some worthless Dota name changer thing that the scammer listed at that price (also got his name and location out of all this).

I quickly changed my password and ran virus scanners. Nothing comes up.

Then it hits me and this is where I'm truly baffled.....I have Steam Guard....how the hell was someone able to get into my account and change things? I never got a notification...I checked the authorized devices and there's nothing new on there. So my only guess is Steam itself was compromised. And Steam refuses to refund me the money, even though they admit they found that I was scammed.

Can anyone explain how else this could've happened? I live alone and only log into Steam on my PC at home. Nobody else would've had access to it unless someone remoted into my PC through a trojan. But then again....how did he make the purchase on my account from his end? Steam Guard would've asked me first about the login from a new location.

The hacked friend sent me a pic of what my profile was changed to. Never clicked any links or anything either. This person clearly had immediate access to my wallet and made the purchase right after he discovered I wasn't going to trade him all my skins.

Messages:

1.png


2.png


3.png




And here's Steam giving me the fuck you:

scam.png
 
  • Shocked
Reactions: Still can't decide, Bullet Club, Mickmrly and 2 others
Damn, now you've got me paranoid. Do I need to remove payment information from Steam just to be safe? Kind of always assumed Steam was relatively safe...
 
Calcium said:
Damn, now you've got me paranoid. Do I need to remove payment information from Steam just to be safe? Kind of always assumed Steam was relatively safe...
Click to expand...

I've never had an issue until now.....and I held $500 in my wallet for the longest time after selling skins off. I'm more freaking out about how this happened than the money itself. Day after, I won $211 on a $5 underdog fantasy football bet :cool:
 
  • Strength
  • Like
Reactions: Arkam and Calcium
(Goes to check mine out of paranoia).... Last transaction was Sept 2022.... when I purchased Return to Monkey Island. What a great game. But damn does time get away from you as you get older.
 
If your friend and you were hacked, it could be someone taking advantage of some loophole in steam. The best you can do is change your password, don't communicate with the hacker and don't click on any links.

Consumers regularly take precautions, but there are always some loopholes that hackers exploit. If something exists in the internet, it can eventually be hacked.
 
Mickmrly said:
If your friend and you were hacked, it could be someone taking advantage of some loophole in steam. The best you can do is change your password, don't communicate with the hacker and don't click on any links.

Consumers regularly take precautions, but there are always some loopholes that hackers exploit. If something exists in the internet, it can eventually be hacked.
Click to expand...

That's my suspicion....Steam itself is compromised. There's no other explanation. But I was targeted. My profile was changed before he engaged with me.
 
  • Brain
Reactions: Mickmrly
Who is this friend that noticed your profile was different within this one hour time window? (that surely doesn't exist). Why would they edit your profile page if the goal was to be discreet?

Honestly I'm a bit confused by it all. If the purchase was fraudulent what is stopping Steam refunding you and giving item back to the seller? Even if said item was moved from your account it should be easy for them to track?

That said I don't know about Steam items (none game sales) enough to comment with any authority.
 
Hostile_18 said:
Who is this friend that noticed your profile was different within this one hour time window? (that surely doesn't exist). Why would they edit your profile page if the goal was to be discreet?

Honestly I'm a bit confused by it all. If the purchase was fraudulent what is stopping Steam refunding you and giving item back to the seller? Even if said item was moved from your account it should be easy for them to track?

That said I don't know about Steam items (none game sales) enough to comment with any authority.
Click to expand...

His account was hacked. Just the way he was talking shows me he don't Engrish. I don't know this guy well on my friend list, but I've played with him plenty over the years. That wasn't him. I honestly was in the middle of playing shit and didn't care much what he was saying at first.

The goal was he was attempting to get me to trade all my skins to a "trusted friend" before my account got banned. The convo didn't get to that point, but obviously it was leading towards trading to him. I have steam guard 2FA. So he couldn't get that stuff unless I approved it on my phone.

Soon as I basically said go fuck yourself, two minutes later.... My wallet funds disappear. Which is where the weirdness comes in.... Somehow he had access to buy a community market item with my money.... That doesn't require 2FA....but obtaining access to my steam account and logging in from a different location does.... So even if he got my password, he wouldn't have been able to get in unless I approved it on my phone.

To your last question, because steam/valve are a bunch of fadges and their terms of service state they will not refund market purchases. Apparently including compromised accounts. That part I didnt know.


Lesson here overall.... Don't keep money in your steam wallet. I only had it because of skins I sold and you can't cash it out to your bank.
 
  • Brain
Reactions: Mickmrly and Hostile_18
So..... This might explain what happened to me. Still have no idea how I would've gotten malware on my system. I don't click links or download shit. Some scary shit right here. I'm gonna deep scan my PC. I ran spyboy and anti-malware bytes and nothing was found. Anyone else got some good AV recommends?

 
  • Shocked
Reactions: Mickmrly
JohnnyFlawless said:
So..... This might explain what happened to me. Still have no idea how I would've gotten malware on my system. I don't click links or download shit. Some scary shit right here. I'm gonna deep scan my PC. I ran spyboy and anti-malware bytes and nothing was found. Anyone else got some good AV recommends?

Click to expand...


There is only so much you can do to protect yourself. Hackers will be getting more invasive with the help of AI coding, so it's best to just self-limit yourself to browsing trusted websites or just use virtual machines for most browsing. Trusting software developers who are around the same calibre as Concord's developers to keep you safe is just asking for trouble.
 
  • Like
  • 100%
Reactions: Joe T. and JohnnyFlawless
JohnnyFlawless said:
So..... This might explain what happened to me. Still have no idea how I would've gotten malware on my system. I don't click links or download shit. Some scary shit right here. I'm gonna deep scan my PC. I ran spyboy and anti-malware bytes and nothing was found. Anyone else got some good AV recommends?

Click to expand...


He works in cyber security and downloaded a malware. I wouldnt want him working for my cyber security/
 
kiNeMs said:
He works in cyber security and downloaded a malware. I wouldnt want him working for my cyber security/
Click to expand...

I mean.... I haven't compromised my PC in about 20 years. I have a degree in IT and was looking to get into that field. I'm not a retard when it comes to basic security. But shit does happen, man. I've never heard of downloading a fucking pdf compromising your system. That's crazy to me. But apparently that's a thing now so it's like... What is safe to download, if anything? These days, I like to assume we are all vulnerable if we are a target to someone who knows what they're doing. You only evade attacks by being a nobody.
 
  • Like
Reactions: kiNeMs
JohnnyFlawless said:
So..... This might explain what happened to me. Still have no idea how I would've gotten malware on my system. I don't click links or download shit. Some scary shit right here. I'm gonna deep scan my PC. I ran spyboy and anti-malware bytes and nothing was found. Anyone else got some good AV recommends?

Click to expand...

See you already found the trojan. But windows defender offline scan and norton power eraser are good.

As for malware there is an unlimited number of avenues, amazon compromised cables, usb sticks, peripherals even branded ones can be compromised. Also given walled gardens like android and ios have had malware wouldn't surprise if some steam games or windows store apps also could have malware.
JohnnyFlawless said:
Annnnd yep, had a fucking Trojan on my PC just found through windows AV. My other AV missed it. Mother fucker.
Click to expand...
Depending on the malware worse case it can embed below OS and survive any antivirus some even reinstall. Think some can even become embedded in motherboard bios memory iirc.
 
  • Brain
Reactions: Mickmrly
JohnnyFlawless said:
I've never heard of downloading a fucking pdf compromising your system. That's crazy to me. But apparently that's a thing now so it's like... What is safe to download, if anything?
Click to expand...
From my understanding the pdf has to be opened. That is why you have to enable secure mode which disables scripts in pdf reader.
 
You must log in or register to reply here.
Top Bottom
Back