Go Back   Steam Users' Forums > Steam Discussions > Help and Tips

Reply
 
Thread Tools Display Modes
Old 01-26-2012, 12:01 PM   #1
Furax44
 
Join Date: Jan 2012
Reputation: 0
Posts: 3
Email and Steam Account Hacked

Hey, today, is a great day.
Coming back home, I immediately check my mails, and I understood in few seconds that I got hacked.
Within minutes, I launched a recovery processs with Windows Live Mail, but then I figured out that my Steam account was hacked as well.

My questions are :
I ran several tests (ESET Smart Security, ComboFix, RogueKiller, Spybot S&D). How can I be sure that I don't have a Keylogger running ?
I opened a support for my Steam account, are they going to answer on my hacked mail-account ? (Wich is my previous address linked with that account).
For how long will I be unable to play ?

Hoping a fast response,
Regards,
Furax.

(P.S : And above all, I'm sick \o/. If I had a gun ...)
(PP.S : Sorry for my poor English, i'm French)
Furax44 is offline  
Reply With Quote
Old 01-26-2012, 12:07 PM   #2
Eunos
 
Banned
Join Date: Sep 2011
Reputation: 366
Posts: 1,217
Quote:
My questions are :
I ran several tests (ESET Smart Security, ComboFix, RogueKiller, Spybot S&D). How can I be sure that I don't have a Keylogger running ?
Format the machine, I would, but others might be able to offer you better\simpler ways of searching.

Quote:
I opened a support for my Steam account, are they going to answer on my hacked mail-account ? (Wich is my previous address linked with that account).
They will answer you on the E-mail address you gave when you signed up to the Steam support service, however, the replies are also listed in the ticket system, just go to support and click on open\my tickets.

Quote:
For how long will I be unable to play ?
Until they have looked into the case, noone on here call tell you.
Eunos is offline   Reply With Quote
Old 01-26-2012, 12:09 PM   #3
Satoru
 
 
 
Join Date: Jul 2008
Reputation: 5181
Posts: 10,981
First you should think about a few things

1) Have you downloaded anything horrible and shady from the internet? Maybe that "Dead Island Keygen" wasn't such a good idea.
2) Did you enter your steam and email information into a website someone sent you via chat that offered you FREE GAMEZ!?!?!?!
3) Is your email password secure? Do you use this email and password combination anywhere on the internet?

Unless you downloaded something stupid from the internet I doubt you have a keylogger on your computer. You most likely either were phished, or you reused your email/password on some other website that was compromised.

Do the following

1) Change your email password. Ensure it's complex and NOT USED ANYWHERE ELSE ON THE INTERNET
2) Once you get your Steam account back, ensure the password is complex, not the same as your email password and again not used anywhere else on the internet
3) Enable steamguard

If you did download something from the interent, then I consider the computer compromised and all bets are off. Pull off any save games, pictures, movies, documents, etc and reformat the computer.
Satoru is offline   Reply With Quote
Old 01-26-2012, 12:18 PM   #4
Furax44
 
Join Date: Jan 2012
Reputation: 0
Posts: 3
Thanks for replying.
I will reformat, tomorrow.

I never entered my informations into a suspicious website.
For those horrible and shady things, I did not. All (well, most of all)of my games are legit.

In fact, my passwords are secured, but yes, I don't use the same everywhere, but Steam's password was the same I used for my mail account.

One more thing, my second e-mail address has been hacked at the same moment, however the password is not the same on this one. That's why I want to check for keyloggers ... My computer is used by my brothers and sisters too, I don't know what crappy downloads they have made.
Furax44 is offline   Reply With Quote
Old 01-26-2012, 12:24 PM   #5
Satoru
 
 
 
Join Date: Jul 2008
Reputation: 5181
Posts: 10,981
Quote:
Originally Posted by Furax44 View Post
All (well, most of all)of my games are legit.
Yeah... there's a potential vector there


Quote:
but Steam's password was the same I used for my mail account.
yeah that's not a good idea even if you have steamguard enabled.

Quote:
One more thing, my second e-mail address has been hacked at the same moment, however the password is not the same on this one. That's why I want to check for keyloggers ... My computer is used by my brothers and sisters too, I don't know what crappy downloads they have made.
[/quote]

Given that you've probably been compromised in some way. I would suggest the following

1) Assume EVERYTHING is compromised. Paypal, banks, emails, forums, everything. Find ANOTHER COMPUTER (since we cannot trust your computer as it is) and change the passwords for anything that has money or sensitive information in it.

2) I guess you already have AV installed? (ESET I think is an AV solution but I'm not sure) but something to look into for your rebuild.
Satoru is offline   Reply With Quote
Old 01-26-2012, 04:21 PM   #6
DeductiveReason
 
 
 
Join Date: Sep 2011
Reputation: 122
Posts: 138
Quote:
Originally Posted by Furax44 View Post
Steam's password was the same I used for my mail account.
That entirely defeats the purpose of Steam Guard. You need rethink your everyday computer security practices or this sort of thing is going to happen again.

Reformatting may not actually be enough to get rid of a rootkit if you have one. You should overwrite your hard drive with 0s or random data then reformat it. I suggest using http://www.dban.org/
DeductiveReason is offline   Reply With Quote
Old 01-26-2012, 04:43 PM   #7
Sinhealer
 
 
 
Join Date: Jul 2011
Reputation: 2949
Posts: 2,852
Quote:
Originally Posted by Furax44 View Post
Steam's password was the same I used for my mail account.
Worst thing ever,it basically takes away Steamguard.

I do not even know the password for my email,I asked the Wife to make something up with capitals and numbers and write it down somewhere,I still have to look at it when a problem happens and I need to re-sign in.
Sinhealer is offline   Reply With Quote
Old 01-27-2012, 02:09 AM   #8
Furax44
 
Join Date: Jan 2012
Reputation: 0
Posts: 3
Just recovered all of my accounts, finally.
I found a file named "$RECYCLEBIN" at the root of a partition (not the main one) of my HDD, with hidden folder in it. This may be it right ?

Anyway, thanks a lot for your help, I changed my passwords (under Linux, with a visual keyboard, to be sure x)).
I'm going to use DBAN right now, hoping my computer is not going to blow up, according to the description of the soft ...

Again, thanks a lot for your help
Furax44 is offline   Reply With Quote
Old 01-27-2012, 03:34 AM   #9
kakkerlak
 
Banned
Join Date: Feb 2004
Reputation: 2165
Posts: 24,008
you cant put steam accounts in the recyclebin , the steam folders you mean.

maybe not too smart to use the folders from the recyclebin to change passwords and what not.
change all the passwords again after the format use fresh files and installs.
kakkerlak is offline   Reply With Quote
Old 01-27-2012, 07:49 AM   #10
hua91
 
 
 
Join Date: Dec 2010
Reputation: 16
Posts: 390
Run your computer in Safe Mode, use Malwarebyte Anti-Malware and Superantispyware for scanning your computer.

First run it on Quick Scan, if you found anything malicious, run a full scan on your computer although it may take sometime.

After that, you have to reboot your computer, run it in normal mode and rescan everything, as some of the virus may recreate themselves when reboot.

If you still found something malicious, you have 2 options, Format or Not to Format.
If you prefer not to reformat, try to ask some expert to seek out anything malicious by using HijackThis.( Do not use it on yourselves, you may need to have ALOT of knowledge on this software to use it )

Hope this helps. Good Luck.
hua91 is offline   Reply With Quote
Reply

Go Back   Steam Users' Forums > Steam Discussions > Help and Tips


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -7. The time now is 10:47 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site Content Copyright Valve Corporation 1998-2014, All Rights Reserved.