Jump to content

I HAVE BEEN HACKED

Spyromancer

By Spyromancer
in General Discussion

Recommended Posts

  • Replies 67
  • Created
  • Last Reply
∞Ramses Rookie

∞Ramses

Posted
Posted

didja report him?

Lets keep tabs on the unusuals. Spyromancer, I reccomend adding the url of the account with your hats to your steam support ticket. They'll look into it.

 

Yeah, to Valve.

 

Also, when searching through tkorols backpack, I found some items from a user named "penis".

 

http://www.tf2outpost.com/backpack/76561197997010176

 

It seems he has been hijacked too, and his stuff went to a hijacker alt, "developer": http://www.tf2outpost.com/backpack/76561198093726562

 

It's an entire network of hijackers, alts and hijacked users.

Link to comment
Share on other sites
Bakgrund Newbie

Bakgrund

Posted
Posted

How do people manage to get hacked, as long as you don't have the same pw for your email as your steam account the chance is mininal, and if they even get your account they can't trade anything in 15 days.

Link to comment
Share on other sites
Cedarium Community Regular

Cedarium

Posted
Posted

How do people manage to get hacked, as long as you don't have the same pw for your email as your steam account the chance is mininal, and if they even get your account they can't trade anything in 15 days.

They trick you into giving them your steam guard code

Link to comment
Share on other sites
Bakgrund Newbie

Bakgrund

Posted
Posted

They trick you into giving them your steam guard code

 

Oh that explains it. They should make steam guard codes fixed to the ip-adress you requested it on, would solve these problems.

 

But still, they can not trade on the new computer for 15 days.

Link to comment
Share on other sites
♠Derpeh♤ Newbie

♠Derpeh♤

Posted
Posted

It's an entire network of hijackers, alts and hijacked users.

 

Yeah that Raine guy from before basically uses his hijacked account to phish more after cleaning it out. I noticed some of his victim's friends later get hijacked :L

 

Sigh...

Link to comment
Share on other sites
HusKy Newbie

HusKy

Posted
Posted

Oh that explains it. They should make steam guard codes fixed to the ip-adress you requested it on, would solve these problems.

 

But still, they can not trade on the new computer for 15 days.

If he logs into a fake website, the IP the request comes from is the same as phishers IP.

Link to comment
Share on other sites
Vegan T-Rex Newbie

Vegan T-Rex

Posted
Posted

Oh that explains it. They should make steam guard codes fixed to the ip-adress you requested it on, would solve these problems.

 

But still, they can not trade on the new computer for 15 days.

Nope. When I got hijacked, my items got transferred within the same day. 

Link to comment
Share on other sites
♠Derpeh♤ Newbie

♠Derpeh♤

Posted
Posted

Nope. When I got hijacked, my items got transferred within the same day. 

It was because steam got to many complains about the new system since some people logged on either on another computer or their phone and it locked their account so they changed it back.

Link to comment
Share on other sites
Vegan T-Rex Newbie

Vegan T-Rex

Posted
Posted

It was because steam got to many complains about the new system since some people logged on either on another computer or their phone and it locked their account so they changed it back.

thats stupid

Link to comment
Share on other sites
Bakgrund Newbie

Bakgrund

Posted
Posted

If he logs into a fake website, the IP the request comes from is the same as phishers IP.

 

The user tries to log in on the phishing site, the same user gets an email adress with a code, that code will only work for that guys ip-adress. If i've understood it right the phisher just steals the code from the phishing site? The user won't even get signed in? Then how would the phisher be able to sign in on the account if the code only works with the victims ip-adress?

Link to comment
Share on other sites
Vegan T-Rex Newbie

Vegan T-Rex

Posted
Posted

Welp, at least I know i wasn't an idiot when I got phished. I did double check the link, and it did say steamcommunity. 

I was an early victim. 

Link to comment
Share on other sites
♠Derpeh♤ Newbie

♠Derpeh♤

Posted
Posted

Wow, that sucks.

 

So they have removed this 15 day cooldown completely?

Not too sure about completely probably under some circumstances it kicks in but to my knowledge they certainly lowered the restrictions.

 

Soon after steam implemented the auto 15 day lock down if you logged in from somewhere which you've havent logged (think it was in the last 2 month or something?) It would auto lock trading for 15 days. They got flooded with complains from people who have 2 computers at home, or use their mobile...etc so yeah...

 

Someone plox correct me on this, im running from memory and i havent slept for a while...

Link to comment
Share on other sites
HusKy Newbie

HusKy

Posted
Posted

Not too sure about completely probably under some circumstances it kicks in but to my knowledge they certainly lowered the restrictions.

 

Soon after steam implemented the auto 15 day lock down if you logged in from somewhere which you've havent logged (think it was in the last 2 month or something?) It would auto lock trading for 15 days. They got flooded with complains from people who have 2 computers at home, or use their mobile...etc so yeah...

 

Someone plox correct me on this, im running from memory and i havent slept for a while...

You are right, they took it down for a while and they reworked it. After 2 weeks, they enabled it again. I have already posted a link in this topic.

 

The user tries to log in on the phishing site, the same user gets an email adress with a code, that code will only work for that guys ip-adress. If i've understood it right the phisher just steals the code from the phishing site? The user won't even get signed in? Then how would the phisher be able to sign in on the account if the code only works with the victims ip-adress?

User A (machine A, IP A) types his name/pass to phishers fake website. User B uses provided name/pass to log in. SG is triggered by User B (machine B, IP B ). User A receives email and supplies his SG code which is tied to User B. Once again, User B uses this code to authenticate. User A never directly contacted Steam servers. Everything went through User B and his machine.

 

BTW. SG codes don't need to be tied to IP address at all. This is just pure speculation.

Link to comment
Share on other sites
♠Derpeh♤ Newbie

♠Derpeh♤

Posted
Posted

User A (machine A, IP A) types his name/pass to phishers fake website. User B uses provided name/pass to log in. SG is triggered by User B (machine B, IP B ). User A receives email and supplies his SG code which is tied to User B. Once again, User B uses this code to authenticate. User A never directly contacted Steam servers. Everything went through User B and his machine.

This sounds about right though im pretty sure most phishers just use a script to do the latter and changes the password, email...etc before User A realizes they have been hijacked.

 

Another less common method of hijacking is to get the user to download a file which in essence is a key logger (It keeps a log of everything you type...etc) these are the "go download this file to get free hats/unusual" links some users give out.

Link to comment
Share on other sites
Vegan T-Rex Newbie

Vegan T-Rex

Posted
Posted

This sounds about right though im pretty sure most phishers just use a script to do the latter and changes the password, email...etc before User A realizes they have been hijacked.

 

Another less common method of hijacking is to get the user to download a file which in essence is a key logger (It keeps a log of everything you type...etc) these are the "go download this file to get free hats/unusual" links some users give out.

that happened to portalfield a while back. 

he didn't lose anything, but the phish hijack is much more common. 

Link to comment
Share on other sites
♠Derpeh♤ Newbie

♠Derpeh♤

Posted
Posted

that happened to portalfield a while back. 

he didn't lose anything, but the phish hijack is much more common. 

Yup, the method i mentioned isnt as successful overall it's simply a more "steam/valve" version of viruses which have been around for ages. Ive seen instances where people have had their paypal accounts/hotmail/facebook being stolen rather than their steam account...

Link to comment
Share on other sites
Bakgrund Newbie

Bakgrund

Posted
Posted

You are right, they took it down for a while and they reworked it. After 2 weeks, they enabled it again. I have already posted a link in this topic.

 

User A (machine A, IP A) types his name/pass to phishers fake website. User B uses provided name/pass to log in. SG is triggered by User B (machine B, IP B ). User A receives email and supplies his SG code which is tied to User B. Once again, User B uses this code to authenticate. User A never directly contacted Steam servers. Everything went through User B and his machine.

 

BTW. SG codes don't need to be tied to IP address at all. This is just pure speculation.

 

I don't know if we're thinking of the same idea.

 

My idea is:

  1. Victim goes to phishing site.
  2. Gets an email with a sg code, steam logs the ip adress that he requested the sg code on.
  3. Enters the code and he won't get logged in (?) 
  4. The phisher tries to sign in, he won't be able to do so tho because he's not entering the code from the same ip-adress that the sg code got requested through.

 

Wouldn't that work?

Link to comment
Share on other sites
HusKy Newbie

HusKy

Posted
Posted

2. Gets an email with a sg code, steam logs the ip adress that he requested the sg code on.

How does Steam acquire his address? He is essentially using a proxy server.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...