I am receiving the attached warning by email almost every month.
What can be the source of them gaining my steam password?
-I use a +20 character password for Steam, and change it every time i get the warning
-My email password is same length, but is never hacked (otherwise they'd have the steam account)
-I use both passwords regularly on all computers, so I would rule out keyloggers, as that would already have cause me to lose my account.
Based on these points the possibility of cracking the password should take +10,000 years.
Only thing I could assume is that hackers can get into Steam passwords. Which would be a big deal.
Levi Phillips
Install gentoo
William Barnes
>BR UMA
Probably a keylogger
Jack Nelson
>Both passwords Use keepass, dumbass.
Kayden Smith
keepass is worthless on an untrusted machine. Also NEVER store your main email address password in a database. That shit should be on paper somewhere safe or in your head. Email passwords are master passwords themselves nowadays.
Jason Jenkins
This is first attempt from BR, i had RU and India earlier for instance.
Each time had password change in between. Seems unlikely this is a keylogger, but to exhaust all possibilities what software should I use to scan for that as well.
Nathan Martinez
Try MalwareBytes
Josiah Wilson
Reinstall your whole windows but don't use that shady "full_free_windows_7.exe"
Josiah Scott
I would honestly just fresh install OS to be safe.
Kayden James
I have all my passwords in my head following this model for easy remembering;
RndWord!!RndWord!!RndWord12
Aka Random words with some letters capitalized, special characters and two numbers.
Hudson Myers
It's a rat you dumb shit. Reinstall your OS and if its windows switch to linux. You killed a thread for a sqt post kys
Asher Reyes
>I would honestly just fresh inst
Ok, my devices are; -Work computer which I am handing in for formatting today since I'm switching jobs. -Home Laptop (likeliest culprit) which I could format as well as just uninstall steam from permanently -Home desktop, which is new with a fresh install from 8months ago or so. but i can also reinstall that one.
However my point remains, if i have a keylogger, wouldn't the hacker also have my email password and hence be able to hijack all my accounts.
Unless they have no idea what they are doing.
Jordan Adams
A rat would require the computer to be switched on during the hacking attempt? At the time of the attack i believe none of my computers were switched on.
Brody Sanders
Steam probably has atrocious database security, this could be a symptom of a massive hacking scandal on its way.
Christopher Green
It's likely not a key logger, but unless it's an error on valve's part you must have some form of malware if it's managing to keep getting your password. Even if it suddenly stops I'd still format, though it's annoying it's better than having all your shit broken into
Nathan Jackson
Fair enough. I guess i'll go for that to be safe.
Christopher Russell
seems like you downloaded a sexywomans.pussy.free?cleannovirus.exe/bat. All the basic ratting frameworks like metasploit and powershell empire have password extraction from browser and steam client. If it has established persistence, changing the passwd wont mean shit. Run various antiviruses. If nothing is found, do a full wipe.
Jonathan Thompson
What applications do you have installed? What do you use regularly or each month?
>Format and reinstall entirely >Change passwords >Don't use voice chat in Steam as it exposes your IP address >Don't use teamspeak, skype, mumble, ventrilo etc. instead just use Discord but preferably none
Either they're stealing saved credentials from your browser or you're getting phished from one of your "friends". I've known people before who had 5+ year "online friendships" with someone all part of a social engineering operation to steal everything from them i.e all of their social media accounts, battlenet, uplay, steam, itunes and so forth
Isaac Jones
go to "have i been pwned" and enter your email, it'll tell you if you were on a database of users that got leaked.
bonus points if the leak came from plain text passwords (for some reason people can't use hashes yet).
Jason Gonzalez
Just use an authenticator. There's literally nothing they can do, as long as they don't have access to your phone.
Same goes for your e-mail. Nowadays not using any kind of 2-step verification process for your important accounts is beyond stupid.
Nathaniel Ward
You're obviously keylogged if they consistently know the password. And yes, they probably also have all your other passwords.
Stop running rogue .js files in Winshit 10 user, it's not healthy.
Alexander Morris
>attempt from BR, i had RU and India earlier >Seems unlikely this is a keylogger
Eli Jenkins
>Seems unlikely this is a keylogger
Asher Nelson
wtf is that kill it with fire
Brody Rogers
You think fire works here?
Angel Moore
Must be a keylogger or other malware of that sort if what you are saying about your password is true.
You MUST reinstall windows, preferably while disconnecting internet while backing stuff to a USB/external drive. You can never be 100% sure that anti-virus/malware programs will find everything, so don't even be lazy about it, there's someone potentially monitoring your every move.
Aaron Sanchez
You have a keylogger installed on your computer you dumbass, how do you go through that 4 times without reinstalling your OS?
