Thread replies: 27
Thread images: 7
Thread images: 7
/g/entlemen,
I am receiving the attached warning by email almost every month.
What can be the source of them gaining my steam password?
-I use a +20 character password for Steam, and change it every time i get the warning
-My email password is same length, but is never hacked (otherwise they'd have the steam account)
-I use both passwords regularly on all computers, so I would rule out keyloggers, as that would already have cause me to lose my account.
Based on these points the possibility of cracking the password should take +10,000 years.
Only thing I could assume is that hackers can get into Steam passwords. Which would be a big deal.
>>
File: Screenshot_20170831-041500.png (341KB, 720x1280px) Image search:
[Google]
341KB, 720x1280px
>>62178889
Install gentoo
>>
>BR
UMA
Probably a keylogger
>>
>>62178889
>Both passwords
Use keepass, dumbass.
>>
>>62178935
keepass is worthless on an untrusted machine.
Also NEVER store your main email address password in a database. That shit should be on paper somewhere safe or in your head.
Email passwords are master passwords themselves nowadays.
>>
>>62178916
This is first attempt from BR, i had RU and India earlier for instance.
Each time had password change in between.
Seems unlikely this is a keylogger, but to exhaust all possibilities what software should I use to scan for that as well.
>>
>>62178955
Try MalwareBytes
>>
Reinstall your whole windows but don't use that shady "full_free_windows_7.exe"
>>
>>62178955
I would honestly just fresh install OS to be safe.
>>
>>62178946
I have all my passwords in my head following this model for easy remembering;
RndWord!!RndWord!!RndWord12
Aka Random words with some letters capitalized, special characters and two numbers.
>>
It's a rat you dumb shit.
Reinstall your OS and if its windows switch to linux.
You killed a thread for a sqt post kys
>>
>>62178979
>I would honestly just fresh inst
Ok, my devices are;
-Work computer which I am handing in for formatting today since I'm switching jobs.
-Home Laptop (likeliest culprit) which I could format as well as just uninstall steam from permanently
-Home desktop, which is new with a fresh install from 8months ago or so. but i can also reinstall that one.
However my point remains, if i have a keylogger, wouldn't the hacker also have my email password and hence be able to hijack all my accounts.
Unless they have no idea what they are doing.
>>
>>62179012
A rat would require the computer to be switched on during the hacking attempt?
At the time of the attack i believe none of my computers were switched on.
>>
Steam probably has atrocious database security, this could be a symptom of a massive hacking scandal on its way.
>>
>>62179022
It's likely not a key logger, but unless it's an error on valve's part you must have some form of malware if it's managing to keep getting your password. Even if it suddenly stops I'd still format, though it's annoying it's better than having all your shit broken into
>>
>>62179238
Fair enough. I guess i'll go for that to be safe.
>>
>>62178889
seems like you downloaded a sexywomans.pussy.free?cleannovirus.exe/bat.
All the basic ratting frameworks like metasploit and powershell empire have password extraction from browser and steam client. If it has established persistence, changing the passwd wont mean shit. Run various antiviruses. If nothing is found, do a full wipe.
>>
What applications do you have installed? What do you use regularly or each month?
>Format and reinstall entirely
>Change passwords
>Don't use voice chat in Steam as it exposes your IP address
>Don't use teamspeak, skype, mumble, ventrilo etc. instead just use Discord but preferably none
Either they're stealing saved credentials from your browser or you're getting phished from one of your "friends". I've known people before who had 5+ year "online friendships" with someone all part of a social engineering operation to steal everything from them i.e all of their social media accounts, battlenet, uplay, steam, itunes and so forth
>>
>>62178889
go to "have i been pwned" and enter your email, it'll tell you if you were on a database of users that got leaked.
bonus points if the leak came from plain text passwords (for some reason people can't use hashes yet).
>>
Just use an authenticator. There's literally nothing they can do, as long as they don't have access to your phone.
Same goes for your e-mail. Nowadays not using any kind of 2-step verification process for your important accounts is beyond stupid.
>>
File: doggo2.jpg (105KB, 540x534px) Image search:
[Google]
105KB, 540x534px
>>62178889
You're obviously keylogged if they consistently know the password. And yes, they probably also have all your other passwords.
Stop running rogue .js files in Winshit 10 anon, it's not healthy.
>>
File: 5Kg7Y04.jpg (65KB, 431x450px) Image search:
[Google]
65KB, 431x450px
>>62178955
>attempt from BR, i had RU and India earlier
>Seems unlikely this is a keylogger
>>
File: 1502342607907.png (271KB, 507x507px) Image search:
[Google]
271KB, 507x507px
>>62178955
>Seems unlikely this is a keylogger
>>
>>62180449
wtf is that kill it with fire
>>
File: lovecraftiandoggo.jpg (100KB, 467x458px) Image search:
[Google]
100KB, 467x458px
>>62180486
You think fire works here?
>>
>>62178889
Must be a keylogger or other malware of that sort if what you are saying about your password is true.
You MUST reinstall windows, preferably while disconnecting internet while backing stuff to a USB/external drive. You can never be 100% sure that anti-virus/malware programs will find everything, so don't even be lazy about it, there's someone potentially monitoring your every move.
>>
>>62178889
You have a keylogger installed on your computer you dumbass, how do you go through that 4 times without reinstalling your OS?
Thread posts: 27
Thread images: 7
Thread images: 7