Steam accounts are being stolen by this devious phishing attack


According to a new report from Group-IB, Steam users are being targeted by cybercriminals who want to steal accounts.

The researchers discovered a group of hackers who used an elusive phishing kit to try to trick gamers into giving away their Steam credentials; once they do, the crooks try to sell the accounts on the black market.

The thefts can reportedly be quite lucrative, with some of the more high-profile accounts selling for as much as $100,000 to $300,000 apiece.

The group gathers on Discord or Telegram and uses a phishing kit capable of “browser-in-browser” attacks, something that is not as widespread among the cybercrime community as some other tools.

The attackers reach out to pro gamers on Steam and invite them to a tournament for one of the more popular titles, such as League of Legends, Counter-Strike, Dota 2 or PUBG. The invitation contains a link that takes the victim to a website that looks like it belongs to an organization that sponsors and hosts esports tournaments.

To register for the tournament, victims are asked to log into their Steam accounts through what looks like a normal login pop-up. However, that login page is not a browser popup at all, but a completely fake window drawn inside the current page. That makes it extremely difficult for the victim to see that they are being attacked, especially since the URL painted into the fake window's address bar looks legitimate.

After entering their credentials, the targets are also asked for their 2FA code, and if they don't provide the correct one, the website displays an error message. If they provide the correct code, they are redirected to a legitimate URL, further concealing the theft.

In general, the best way to defend against these types of attacks is to block JavaScript, but since such an aggressive measure would break many popular websites, it is not recommended. Instead, gamers are urged to be extra vigilant when receiving links from anywhere, including Discord and Telegram.
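The fake window described above is ordinary page content that paints its own title bar and address bar, which is exactly what a defender can look for. The following is an added example, not code from the Group-IB report, BleepingComputer or the article: a small JavaScript heuristic that compares every URL-looking string rendered on a page against the hostname the page is really served from, and a second check on whether a login form actually lives in its own top-level popup window. The sample page text and the hostnames in it are constructed placeholders (note the `.invalid` TLD), and the registrable-domain helper is a deliberate two-label approximation rather than a public suffix list.

```javascript
// Added example (not from the article or the Group-IB report): defender-side
// heuristics for spotting a browser-in-the-browser (BitB) login "window".
//
// A real login popup is a separate browser window whose address bar is drawn
// by the browser itself. A BitB window is page content that paints a fake
// address bar, so the "URL" it shows is just text in the DOM. Comparing that
// text against the page's true hostname is a cheap signal.

// Matches http(s) URLs in visible text and captures the host.
const URL_TEXT = /\bhttps?:\/\/([a-z0-9.-]+)(?::\d+)?(?:\/[^\s"'<>]*)?/gi;

// Registrable-domain approximation: the last two labels. Assumption for this
// example; a real deployment would consult the public suffix list so that
// hosts like "foo.co.uk" are handled correctly.
function baseDomain(hostname) {
  const labels = hostname.toLowerCase().split('.').filter(Boolean);
  return labels.slice(-2).join('.');
}

// snippets: visible text strings (in a browser, collected from text nodes).
// pageHostname: the host the page is really served from (location.hostname).
// Returns every snippet that displays a URL whose host is outside the page's
// own registrable domain, i.e. a candidate painted address bar.
function findFakeAddressBars(snippets, pageHostname) {
  const own = baseDomain(pageHostname);
  const hits = [];
  for (const text of snippets) {
    for (const m of text.matchAll(URL_TEXT)) {
      const shownHost = m[1];
      if (baseDomain(shownHost) !== own) {
        hits.push({ text, shownHost, pageHostname });
      }
    }
  }
  return hits;
}

// Independent signal: a genuine popup opened with window.open is a top-level
// window (win.top === win) that knows its opener. A form drawn inside the
// tournament page shares that page's window, which has no opener; a form in
// an iframe is not top-level. Caveat: popups opened with rel="noopener" have
// opener === null, so this check rejects them too and is only a heuristic.
function isRealPopupWindow(win) {
  return Boolean(win.opener) && win.top === win;
}

// Browser helper (not exercised offline): gather the document's text nodes
// and run the same check. 4 is NodeFilter.SHOW_TEXT.
function scanDocument(doc, pageHostname) {
  const walker = doc.createTreeWalker(doc.body, 4);
  const snippets = [];
  let node;
  while ((node = walker.nextNode())) snippets.push(node.nodeValue);
  return findFakeAddressBars(snippets, pageHostname);
}

// Constructed sample: visible text of a hypothetical tournament page that
// draws a fake Steam login window. Hostnames are placeholders, not IoCs.
const SAMPLE_PAGE_HOST = 'register.example-tournament.invalid';
const SAMPLE_TEXT = [
  'Example Cup 2022 - Register your team',
  'Sign in through Steam',
  'https://steamcommunity.com/openid/login',              // painted address bar
  'Need help? Visit https://help.example-tournament.invalid/faq', // same site, fine
];

if (typeof document === 'undefined') {
  // Stand-alone run under Node: report the suspicious snippet(s).
  console.log(findFakeAddressBars(SAMPLE_TEXT, SAMPLE_PAGE_HOST));
}
```

Run under Node, the sample flags only the painted `https://steamcommunity.com/openid/login` string, because the page's own help link resolves to the same registrable domain as the page. In a browser extension the same `findFakeAddressBars` would be fed by `scanDocument(document, location.hostname)`, and a hit is worth surfacing to the user before they type a password or 2FA code into the "window".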

Via: BleepingComputer
