Looking for information on this scam/hijack

[100 Degrees Leather Jacket]

Recently a friend of mine was scammed/hijacked. He said he was talking with a scammer via Steam chat on his phone and was having none of it, but eventually he ended up clicking a link of a Steam attachment sent by the scammer/hijacker that ended up downloading a file to his phone. Then he was locked out of his Steam account on his phone, and one hour later his valuable items were gone. He also said that he had a list with passwords on his phone and that his email was also accessed. Now obviously this reeks of malicious scripts, but it sounds rather complex and effective and also working on phones that can bypass Steam mobile authentications. If someone has more information about this, I'd like to hear it.

[ThePickleCat]

Seems more reasonable that he unknowingly logged in to a malicious site. It sounds a lot like this https://marketplace.tf/blog/posts/YHLZOB

I have an iphone so I'm not sure, but I'm pretty sure it doesn't allow files to automatically download to my phone.

I feel like there is more to this story than what was told by your friend.

 

[100 Degrees Leather Jacket]

35 minutes ago, ThePickleCat said:

Seems more reasonable that he unknowingly logged in to a malicious site. It sounds a lot like this https://marketplace.tf/blog/posts/YHLZOB

I have an iphone so I'm not sure, but I'm pretty sure it doesn't allow files to automatically download to my phone.

I feel like there is more to this story than what was told by your friend.

 

He said it wasn't like that. They tried to convince him of the whole "I reported you on accident" scam but he wasn't buying it. He says he just clicked the link, got a file downloaded and was locked out of the account.

[SVENNEN123]

I once pressed an accidental link all I downloaded was a picture of donald trump

[mehhhhhh]

> "was having none of it"

> "but eventually he ended up clicking a link of a Steam attachment"

 

????

 

And it would be nice if you told us what phone OS he was using.

 

[100 Degrees Leather Jacket]

11 hours ago, mehhhhhh said:

> "was having none of it"

> "but eventually he ended up clicking a link of a Steam attachment"

 

????

 

And it would be nice if you told us what phone OS he was using.

 

He didn't believe what the scammer was saying before, but he still ended up clicking an attachment. Whether by accident or otherwise, that's what happened. A file was downloaded "very quickly" and he claims he didn't open anything (at least not manually). Also he has an Android.

[Rosalina]

@Lava

[LeROY]

So basically when you click this link

• it will download an app
• it will find all your login information on steam and email
• take over while blocking you from accessing those accounts, including filling out pages of steam and google forms
• it will manage to transfer authenticator to new device and bypass trade-cooldown period

All this is impossible but.....

If someone really have made something that can bypass the same security systems and encryption as most bank-apps and moneytransfer-apps use, I can guarantee its not used to scam tf2 hats

 

Its more probable that he gave away all info by logging into a site to get a "free karambit or burning TC"

 

 

[100 Degrees Leather Jacket]

4 hours ago, LeROY said:

So basically when you click this link

• it will download an app
• it will find all your login information on steam and email
• take over while blocking you from accessing those accounts, including filling out pages of steam and google forms
• it will manage to transfer authenticator to new device and bypass trade-cooldown period

All this is impossible but.....

If someone really have made something that can bypass the same security systems and encryption as most bank-apps and moneytransfer-apps use, I can guarantee its not used to scam tf2 hats

 

Its more probable that he gave away all info by logging into a site to get a "free karambit or burning TC"

 

 

No, he didn't do that at all. The idea was that the malware made him lose control of his phone which would then be taken over by the scammer/hijacker, which would then get information on his passwords from the list on his phone. Just that I never heard of such a thing before. Also he still had mobile auth even after being scammed on his phone.

[D.Alex]

Ask your friend to check GetFriendMessagesLog as it should show the sent images as well.

 

I agree with LeROY that this thing would require too many exploits (even without knowing the exact phone model).

 

Imho this would also require some kind of vulnerability in Steam Chat so it could be one of those rare case when Steam support could "return" the items. Has your friend tried to ask them?

 

[LeROY]

13 hours ago, 100 Degrees Leather Jacket said:

No, he didn't do that at all. The idea was that the malware made him lose control of his phone which would then be taken over by the scammer/hijacker, which would then get information on his passwords from the list on his phone. Just that I never heard of such a thing before. Also he still had mobile auth even after being scammed on his phone.

You never heard of it because its not the truth, or even possible! What you are describing/applying is a malware that can steal his whole personalia(basically EVERYTHING he is and does in life), and it can NOT be restricted to only work on 1 app even with open backdoor and a step-by-step exploit-instructions.

 

The fact is

• 99% of all "scams" are people giving away their items because humans are greedy and lazy
• now factor in 90% are just dumb.. The kind of dumb that doesnt change with age or life experience

 

Scams used on Steam are basically the first 3-4 internet scams ever created, just worded slightly different.

 

Can you spot the similarities:

1. Would you send money to a Nigerian princess that has $100000000 in frozen assets that she will share with you if you help with paying for a passport and lawyer?
2. Would you send items to a R(ussi)andom teen girl that has 10 Burning TCs-that she will share with you- on a tf2 gambling site that accidentally banned her?

 

Scammers are not the problem, stupidity is!

[XenSakura]

On 11/7/2018 at 3:33 PM, SVENNEN123 said:

I once pressed an accidental link all I downloaded was a picture of donald trump

10/10 best malicious file

[SmokE]

I dont think you can download a file via steam app 
Even if he did download it via  phone browser I doubt it can steal steam data. That shit is highly encrypted unless his phone was rooted there was no way to access those data. 

Anyway please report the account that did this on the main site