Steam accounts are being stolen by this devious phishing attack
Date:
Tue, 13 Sep 2022 20:52:14 +0000
Description:
Pro gamers targeted with "browser-in-browser" attacks, with stolen Steam accounts sold off on the black market.
FULL STORY ======================================================================
Steam users are being targeted by cybercriminals looking to steal accounts, a new report from Group-IB has claimed.
The experts uncovered a group of hackers using an elusive phishing kit to try and lure gamers into giving away their Steam login credentials, and once they do, the crooks will try to sell their accounts on the black market.
The thefts can allegedly be rather lucrative, with some of the more high-profile accounts reportedly selling for as much as $100,000 to $300,000 apiece. Fake popups
The group gathers either on Discord or Telegram and uses a phishing kit capable of browser-in-browser attacks, something not as widely distributed among the cybercrime community as some other tools.
What theyll do is try and reach out to pro gamers on Steam and invite them to a tournament for one of the more popular titles, such as League of Legends, Counter-Strike, Dota 2, or PUBG. The invitation will carry a link, which will bring the victim to a website that looks like it belongs to an organization sponsoring and hosting esports tournaments.
To sign up for the tournament, the victims will be asked to log into their Steam accounts, which will look like a regular login pop-up page. However, that login page isnt a browser popup, but rather an entire fake window, created within the current page. That makes it extremely difficult for the victim to spot theyre being attacked, especially because the link in the search bar will look legitimate. Read more
Watch out - that WeTransfer link could be a phishing scam
This Facebook Messenger phishing scam may have trapped millions of users
Here's our pick for the best ID management software around
After typing in their credentials, the targets will also be asked for their 2FA code, and if they fail to provide the right one, the website will display an error message. If they provide the right code, however, theyll be redirected to a legitimate URL, further hiding the theft .
Generally speaking, the best way to defend from these types of attacks is to block JavaScript, but given that such an aggressive measure would break many popular websites, it cant be recommended. Instead, gamers are urged to be extra vigilant when receiving any links anywhere, Discord and Telegram included. These are the best firewalls right now
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/steam-accounts-are-being-stolen-by-this-devious -phishing-attack/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)