Steam Accounts are Being Stolen Using a Browser-in-the-Browser Phishing Technique

Hackers have found a new way to hack Steam accounts.

Group-IB mentioned in its latest report that hackers have launched a new hacking campaign using a new hacking method that allows them to go sell the Steam accounts of various professional gamers.

Group-IB is a Singapore-based cybersecurity firm that provides customers solutions for counteracting cyber attacks, eliminating fraud, and protecting brands worldwide, per the firm's About Us page.

Steam Hacking Exploit Details

Group-IB stated in its report that hackers are now using a new hacking method called "browser-in-the-broswer" phishing technique to illegally gain access to someone's Steam account.

According to the firm, a researcher who goes by the name mr.dOx first found the method hackers are now exploiting to gain access to people's Steam accounts, which starts with a phishing resource.

Hackers would first lure a professional gamer with a Steam account to a bait webpage that contains a log-in button by sending invites to them to a group for an upcoming esports tournament or having them vote for the hacker's favorite team. The hacker could also ask the professional gamer to buy discounted tickets to cybersport events and similar activities.

If the professional gamer obliges, they will be redirected to a phishing site that would create a fake browser window that looks almost similar to Steam's log-in page.

This fake window is the result of hackers capitalizing on the fact that Steam uses a pop-up window for user authentication instead of a new browser tab.

Once the professional gamer enters their account's credentials and successfully completes the two-factor authentication step Valve added to Steam, the hacker will receive and sell them in hacking forums, dark web markets, or secure messaging apps like Discord or Telegram, per Bleeping Computer.

In some cases, viewers of a gameplay video are given invites to visit another resource to receive a free in-game skin, which would redirect users to a phishing site similar to hackers use to gain the login credentials of professional gamers.

How To Spot The Attack And How To Prevent It

Although the fake browser window does look similar to Steam's log-in window, there is a major difference between the two. However, it takes a bit of know-how to do so.

The fake browser window the phishing site opens and Steam's authentic log-in page uses the same URL and SSL certificate lock symbol complete with HTTPS connection. The former can also be manipulated by the potnetial victim through minimizing and maximizing it, as well as closing it to make the window more authentic.

However, the difference between the fake and authentic windows is that the fake one requires JavaScript for it to pop up as intended.

As such, blocking JavaScript would prevent the fake window from appearing.

Regardless if you have a JavaScript blocker or not, it is still more advised by professionals to not clock on links from untrusted sources and filter or ignore unknown direct messages and emails., per PC Gamer.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics