I was digging through some recent Steam related phish pages, and came across something I haven’t seen before: a new way to steal Steam accounts while bypassing an additional security measure. Typically a Steam phish page asks for username and password, like all phish attacks – often these can be foiled by enabling Steam Guard on your account. What is Steam Guard? When logging in on a PC you haven’t used before, will pop a window asking for a verification code which will have been sent to your email address. Without the code, you can’t log in. Scammers have come up with a somewhat novel way to try and get around this security measure.
See more of Steam Key Generator 2017 - Steam Wallet Code Generator on Facebook. Is steam code generator safe. Cod mw3 steam key generator. Steam Guard Keygen Download Safe. The best source of free Hacks,Cheats and Generators. Our game hacks are very common these days and we just finish for you Yu Gi.
How do they do it? A potential victim will navigate to the phish page and enter their Username and Password. At this point, they’ll be greeted with the following pop-up box: Looking very similar to the usual Steam Guard pop-up box, it says: We see you’re logging in to Steam from a new browser or a new computer. Or maybe it’s just been a while As an added account security measure, you’ll need to grant access to this browser by uploading the special ssfn.
file from your Steam folder Ssfn. file contains your ID number and located in a directory Steam folder (/Program Files/Steam/ssfn. ) Sending this file to the scammer allows them to place it into their Steam directory and login as the victim while avoiding the Steam Guard security prompt asking for a verification code sent to the email address on file. What is the SSFN File? The SSFN file is the one that stops you from having to verify your identity through Steam Guard every time you login to Steam on your PC. If I delete mine, for example, I’ll have to go to my email account and dig out a brand new verification code sent to me from Steam.
After I’ve done this and entered the code, a brand new SSFN file is created in the Steam folder and I’m back to being protected by an additional layer of security. Here’s the file in question: Testing, Testing We did some testing and can confirm that this technique – asking a victim to send their SSFN file to the scammer – does indeed work. In the below screenshot, we’re attempting to login to a Steam Guard protected account from a new machine / IP / location / everything else: “Hello! We see you’re logging in from a new computer. As an additional security measure, you’ll need to grant access to this computer by entering the special code we’ve just sent to your email address” At this point, the scammer would be foiled unless they also have access to the victim’s email account. However, let’s assume the victim here has sent their SSFN file via a.
From there, we take the victim’s SSFN file, drop it into the Steam directory on the scammer’s computer, try to login again and Success! It seems this one has been around for at least a month or so – after a little more digging, we came across a on Reddit about it. Compromised Steam accounts are big business, especially for those wanting to hijack accounts which have rare in-game items in their inventory (they’ll “trade” the items off to an account owned by the scammer, who will then go on to sell them for their own gain on the, buying games with the newly acquired funds in their Steam Wallet). Not to mention, they can play all your games for free while logged in as you. While logged in as a Steam user, they’ll be able to see the victim’s purchase history, change current email address, current Steam password, disable Steam Guard, change the profile name and update the stored payment method (if any). They can’t make purchases with the stored card because Steam requires you to re-enter the when making payments.
Steam themselves are aware of this issue, and the Steam forum mods are warning users that sending scammers their SSFN files will not end well ,. The forums themselves are stacking up a nice line in victims , , , , , , , ,. Here’s a screen one user posted of their detailing the game items they’d lost while being tricked into uploading their SSFN. In one of those weird twists of fate, some mods had previously been advising users to to avoid the 15 day trading delay when moving to a new machine. That desire for convenience has come back to bite some gamers in a way they probably couldn’t have imagined. What can Steam do about this?
That’s a good question. The great thing about Steam is flexibility – if you want to switch between desktop and laptop in a hurry, it’ll let you. Steam Guard isn’t cumbersome, nor does it nag you or get in the way once you’ve authorised a machine.
And with out there, scammers have a sizeable chunk of the global gaming population to pick and choose their targets from (according to Wikipedia, that figure is now at some, with 75 percent of all games being purchased on PC through Steam). The moment they make Steam Guard more intrusive or tighten the security screws, they risk alienating gamers and the less appealing using the feature will become. We spend a lot of time advising people not to download files from non-trusted sources, but it’s clear that we all need to start letting people know that sometimes uploading files to strange destinations can also result in a bad experience for all concerned (except the scammer, who is having a wonderful time in your copy of Half-Life 2). Christopher Boyd (Thanks to for help with setting up the testing). I got my account hacked about a week ago, I immediately made a support ticket and I described the situation in every little bit of detail, today I got a new e-mail from the support and I got my TF2 items back, but he warned me: just for this time, since I also enabled authorization on Steam Guard on my phone and changed every password, I’m sure I’ll be safe for a while anyway and my new policy is: ignore every friend request unless I know the guy that sends me it.
Interfacial fiat ecu scan. Pingback:. Pingback:. Pingback:. Pingback:.