Malware Spreading via Steam Chats, Gains Access to Inventory

[MASTACHIEFPWN]

https://www.malwarebytes.org/

This is what I use to get rid of the pesky viruses that often slip through AVG. I recommend it to everyone.

Malware bytes doesn't actively defend, though.

It's a great scanner, I will give it that, but it can't prevent malware from doing it's dirty work, only remove it, and that's usually after you realize something is wrong. (They do have a premium version that might include a firewall, though I'm not sure).

OT: We are familiar from the school, so entrust in me your inventory.

 

[Ninonybox_v1legacy]

I have been waiting on steam to help me with a hacked account for 2 weeks now, it takes them 3 or 4 days to respond after I reply to a message they sent. This is totally unrelated to this however, but steam really needs to get it's shit together.

 

[Roxas1359]

It's a great scanner, I will give it that, but it can't prevent malware from doing it's dirty work, only remove it, and that's usually after you realize something is wrong. (They do have a premium version that might include a firewall, though I'm not sure).

I believe the premium version does indeed have a Firewall come packaged with it. I love Malwarebytes as a scanner though. I had a virus that had rooted itself deep in my OS, and it prevented new drivers from installing, even via discs. Malwarebytes managed to fix it so that was good for me. I never would have even noticed the problem either if I didn't have a pain trying to install the drivers for the new wireless mouse I had purchases.

 

[Avaholic03]

I have been waiting on steam to help me with a hacked account for 2 weeks now, it takes them 3 or 4 days to respond after I reply to a message they sent. This is totally unrelated to this however, but steam really needs to get it's shit together.

With millions of concurrent users, it's practically impossible to police all the scams and help everyone immediately. In most cases, hacking is easily preventable, and if more people used basic common sense it wouldn't really be a problem. The fact that these half-baked hacking attempts ever work is kind of a shame, and I have a tough time feeling sorry for people who fall for them.

 

[RicoADF]

I have been waiting on steam to help me with a hacked account for 2 weeks now, it takes them 3 or 4 days to respond after I reply to a message they sent. This is totally unrelated to this however, but steam really needs to get it's shit together.

Do you have email verification enabled?
If not I highly recommend it once you get your account back, I recommend it to everyone with a steam account as the extra layer of security. Even Origin has it.

 

[CpT_x_Killsteal]

https://www.malwarebytes.org/

This is what I use to get rid of the pesky viruses that often slip through AVG. I recommend it to everyone.

Malware bytes doesn't actively defend, though.

It's a great scanner, I will give it that, but it can't prevent malware from doing it's dirty work, only remove it, and that's usually after you realize something is wrong. (They do have a premium version that might include a firewall, though I'm not sure).

OT: We are familiar from the school, so entrust in me your inventory.

Well yeah, it gets rid of, but doesn't prevent.

 

[NuclearKangaroo]

Valve better starts doing something about these scam attempts, this is the second mayor one this year

They did actually, they added a kind of warning message after clicking ANY kind of URL, very annoying for my friends and I, but kind of necessary nowadays.

well its clearly not idiot proof enough

 

[Stg]

Honestly, who would fall for this? Especially that type of broken form of communication.

 

[Gennadios]

Valve better start doing something about these scam attempts, this is the second major one this year

The first scam attempt being Greenlight?

Honestly, who would fall for this? Especially that type of broken form of communication.

It's actually not that uncommon for Steam Traders to send out random friend requests if you have some of the rarer TF2 swag in your inventory, and not all of them speak perfect English.

That aside, as surprising as it may be, there are people out there that fall for this kind of stuff.

 

[NuclearKangaroo]

Valve better start doing something about these scam attempts, this is the second major one this year

The first scam attempt being Greenlight?

greenlight didnt even came out this year so that joke goes nowhere

 

[Nuuu]

My friend must have fallen for it (somehow), as he sent me a picture link with the message "Hey, look i won a courier" with a linked screenshot.jpg image called "Picture4u". Of course i already heard about this virus spreading around, but i haven't talked to this friend in a long time and have no idea what a "courier" is. (I assume it's DOTA 2 related).

I looked the hijacked person's account and warned the person i knew who has an insane amount of hours on TF2 and CS:GO. Said he scanned the link he got with a VM and it was something that actually had to be downloaded, but i guess there are different versions of this virus.

 

[Xman490]

Also beware of typos of websites like "sieamcommunity".

 

[Svarr]

Bit LY is kind of a dangerous thing nowdays, but then again so is ignorance as always.

 

[Johnson McGee]

Honestly, who would fall for this? Especially that type of broken form of communication.

It's actually not that uncommon for Steam Traders to send out random friend requests if you have some of the rarer TF2 swag in your inventory, and not all of them speak perfect English.

That aside, as surprising as it may be, there are people out there that fall for this kind of stuff.

Yeah, I got a random friend request and accepted thinking it was a trade request. A quick look at the (mostly empty) profile coupled with the broken english made my response to him saying "a friend was trying to add but couldn't because of error please click this link" a quick "LOL, deleted."

That link actually started as steamcommunity so I'd advise people to be careful of those as well, since it probably won't trigger steam's confirmation.

 

[Strazdas]

yeah this was doing rounds for a week. apperently just like with Skype virus, there are so many people that totally fall for this. worst thing is people dont learn. i know a person that fell for skype virus 6 times.

Is this why I received a friend request from {"unassigned}"?

I'd never open anything with the Steam browser anyway, it's a lot slower than copy?pasting it into firefox and there's no antivirus you can put on it.

that unassigned guy seems to be the source of this malware. he is constantly being reported as spreading it.

Steam Browser is useless. on regular browser you got security, addons and faster functionality. I even got steam set up to automatically use Firefox on links.

 

[AstaresPanda]

yeh i clicked on this shit, but avast told me they blocked something and nothing was in my chrome downloads. Did a scan and it found nothing. Im hoping thats the end of it but im still paranoid

 

[Ninonybox_v1legacy]

I have been waiting on steam to help me with a hacked account for 2 weeks now, it takes them 3 or 4 days to respond after I reply to a message they sent. This is totally unrelated to this however, but steam really needs to get it's shit together.

Do you have email verification enabled?
If not I highly recommend it once you get your account back, I recommend it to everyone with a steam account as the extra layer of security. Even Origin has it.

Oh I have all the bells and whistles enables, luckily this seems to be the best worst hacker ever. None of my items are gone, they just put $100 in my steam wallet with some card I don't recognize and used $97 of it. I also seem to have a Strange Huo-Long Heater in TF2 now though. I know the hacker is from Russia though, or at least using a Russian email. I know because they put up the family pin lock system after they got in, and if you click "forgot my pin" it will show you a message saying where it is going to send a pin reset email after you click send. They also got into my battle.net account, however that was quickly solved. They tried to buy the new WoW expansion, but I guess they spend all their money on the $100.

 

[deathbydeath]

If anyone wants to know the best way to handle spambots, that chat log in the OP is a good role model.

Oh I have all the bells and whistles enables, luckily this seems to be the best worst hacker ever. None of my items are gone, they just put $100 in my steam wallet with some card I don't recognize and used $97 of it. I also seem to have a Strange Huo-Long Heater in TF2 now though.

Best hacker ever.

 

[RenegadeDuck]

Ha! The joke is on these scammer-losers! I don't have any friends on steam to chat with!

*Sobs lightly for a moment*

Joking aside, I don't think I've ever seen a scam attempt so obviously sleazy at a glance. I mean, just look at the message in the OP. "We are familiar from the school))"? Oh yeah, familiar from the school. I totally buy that. Never mind the suspicious link and the message telling me to look at their picture, I would be able to tell something is up when some stranger with hilariously broken English randomly contacts me and claims they somehow have figured out who I am from my profile that gives no information about me and knows me from "the school." (Elementary? Middle school? High school? College? No? Just "the school"?)

I'm sorry, I know it's obvious to everyone here that a message like this could only be a scam, I'm just shocked that there are people out there who would actually fall for a trap so humorously easy to spot.

 

[Sizzle Montyjing]

I fell for this I guess? I mean, it was sent from my brother, and addressed me as such, which is what threw me off.
Of course my brother was like 'Oh yeah it did that to all my friends' and didn't tell me... thanks.
But, nothing is gone from my steam, I didn't actually open it and purged my pc immediately afterwards and I seem ok...