| Off Topic > Off Topic |
| [FIXED!!] Possibly huge exploit on steam being used to steal account credentials |
| (1/8) > >> |
| IkeTheGeneric:
https://www.reddit.com/r/Steam/comments/5skfg4/warning_regarding_a_steam_profile_related_exploit/ Quick & Dirty Summary: DON'T LOOK AT ANY PROFILES ON STEAM OR YOUR ACTIVITY FEED. Also turn on mobile authentication if you haven't, might save your account if compromised. fixd --- Quote ---Currently, there is a risk (i.e. phishing, malicious script execution, etc.) involved when viewing or simply opening PROFILE pages of other steam users as well as your OWN activity feed (both desktop and mobile versions on all browsers). I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser. Appropriate information has been forward to Valve and this issue should be resolved soon, sorry for any inconvenience. Anyone (with knowledge of the exploit) who uses or abuses it FOR ANY REASON will RISK RECEIVING A COMMUNITY BAN. If you find any such profile that you can't report (as in literally cannot use the report button), please PM them to me. Keep in mind that any discussion on any exploit method is NOT allowed here and will result in a ban without warning. This post is intentionally vague, and will be kept that way due to the nature of this exploit. And to make it VERY clear: do NOT post profile links on this sub (temporarily), do NOT post proof of concepts (we have the repro steps and passed them on), do NOT post anything relevant that might provide information on how to do this exploit (incl. youtube links). This post is your warning. TO THOSE POSSIBLY AFFECTED: Change your Steam Account password, enable Mobile Authenticator if it's not on already (otherwise deauthorize Steam Guard on all systems from settings) then restart your router/change IP. You might want to also consider scanning your system with a malware scanner/anti-virus. --- End quote --- |
| TableSalt:
|
| IkeTheGeneric:
--- Quote from: TableSalt on February 07, 2017, 08:13:28 AM --- --- End quote --- It's probably for the best, at least until more information is posted. |
| Poliwhirl:
zoinks good thing i have that mobile authentication thing already |
| IkeTheGeneric:
I cannot stress this enough. SET UP THE MOBILE AUTHENTICATION IF YOU HAVEN'T. It will protect you against bullstuff like this. |
| Navigation |
| Message Index |
| Next page |