Overclockers UK Forums Click here for more details
Free Shipping for Loyal Forum Members - CLICK HERE

Go Back   Overclockers UK Forums > Life > General Discussion

Reply
 
Thread Tools
Old 6th Mar 2014, 19:15   #1
Ace Modder
Antec Rep
 
Ace Modder's Avatar
 
Joined: Sep 2003
Location: At the pub
Posts: 20,615
Steam being hacked?

Hi guys.

I've just got this message



Little Devil Case, 5930K, X99-SOC, 16GB DDR4 3gHz , 1TB 850 SSD, 2x GTX980
Ace Modder is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:16   #2
spoffle
Capodecina
 
Joined: Jul 2012
Posts: 14,102
That would be cracking, rather than hacking.
spoffle is online now   View trust for Reply With Quote
Old 6th Mar 2014, 19:17   #3
bitslice
PermaBanned
 
Joined: May 2006
Posts: 9,042
Hacker has no friendly name!
bitslice is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:21   #4
DanielMMS
Wise Guy
 
Joined: Feb 2011
Posts: 1,109
I've had an unsolicited email to help me reset my password today. Looks like someone tried to access Steam.

ASUS P8P67 Pro • Intel i5-2500K • Gelid Tranquillo • Corsair 8GB DDR3
Corsair 500W • OCZ Vertex 2E 120GB • Seagate 2TB • LG BDRW
LG 24x DVDRW • MSI R6950 Twin Frozr III • Benq G2420HD
DanielMMS is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:24   #5
Ace Modder
Antec Rep
 
Ace Modder's Avatar
 
Joined: Sep 2003
Location: At the pub
Posts: 20,615
The thing is, I got an email asking me to enter the steam guard code on my email, but it appears to be unread...at 2pm today

Just got home and steam showed me that msg in my OP when it first logged in.

But the account access was authorised?

I've changed my steam password now anyway.


Little Devil Case, 5930K, X99-SOC, 16GB DDR4 3gHz , 1TB 850 SSD, 2x GTX980
Ace Modder is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:24   #6
Rroff
Caporegime
 
Rroff's Avatar
 
Joined: Oct 2006
Posts: 43,378
Do you use same credentials for steam and kickstarter? rumours that the stolen password hashes were cracked from that.

You can mark emails as unread after reading them so that doesn't necessarily mean anything but does seem strange.

Samsung 700G7C, i7 3610QM, 16GB DDR3, GTX 675M.
i7 4820K, GB X79-UD3, KHX Beast 16GB DDR3, Palit GTX1070, 840 EVO 250GB, KHX 3K 240GB, Seasonic 860w Platinum.
Rroff is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:57   #7
Ace Modder
Antec Rep
 
Ace Modder's Avatar
 
Joined: Sep 2003
Location: At the pub
Posts: 20,615
what is kickstarter?


Little Devil Case, 5930K, X99-SOC, 16GB DDR4 3gHz , 1TB 850 SSD, 2x GTX980
Ace Modder is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:59   #8
davido_labido
Mobster
 
davido_labido's Avatar
 
Joined: Sep 2012
Location: Stoke / Nottingham
Posts: 3,914
i have this from time to time man, mine usually originate from Thailand..

those lady boys want me.


I now have a small website! CLICK ME
davido_labido is offline   View trust for Reply With Quote
Old 6th Mar 2014, 19:59   #9
Rroff
Caporegime
 
Rroff's Avatar
 
Joined: Oct 2006
Posts: 43,378
If you have to ask then that wouldn't have been where they got your details from heh.

Samsung 700G7C, i7 3610QM, 16GB DDR3, GTX 675M.
i7 4820K, GB X79-UD3, KHX Beast 16GB DDR3, Palit GTX1070, 840 EVO 250GB, KHX 3K 240GB, Seasonic 860w Platinum.
Rroff is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:03   #10
diamount
Wise Guy
 
Joined: Sep 2008
Posts: 1,980
Not much they can do on your account other than playing your games.
diamount is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:17   #11
andshrew
Wise Guy
 
andshrew's Avatar
 
Joined: Oct 2002
Posts: 2,324
If you haven't already change your e-mail accounts password too and don't use the same one you've used for Steam.


PSN/Live: andshrew
andshrew is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:22   #12
arknor
Caporegime
 
arknor's Avatar
 
Joined: Nov 2005
Location: Newcastle/Zurich
Posts: 34,497
I'd get scanning my drive and checking taskmanager/msconfig

arknor is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:24   #13
ins0mn1ac
Soldato
 
Joined: Aug 2006
Location: Cardiff
Posts: 5,723
Happened to me before but SteamGuard saved me, it's a brilliant system and should be used with more programs!
ins0mn1ac is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:26   #14
Rroff
Caporegime
 
Rroff's Avatar
 
Joined: Oct 2006
Posts: 43,378
Quote:
Originally Posted by diamount View Post
Not much they can do on your account other than playing your games.
And cheat on your games getting your game(s)/account barred, or depending on what payment details you have saved possibly buy/gift a load of games.

Samsung 700G7C, i7 3610QM, 16GB DDR3, GTX 675M.
i7 4820K, GB X79-UD3, KHX Beast 16GB DDR3, Palit GTX1070, 840 EVO 250GB, KHX 3K 240GB, Seasonic 860w Platinum.
Rroff is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:32   #15
diamount
Wise Guy
 
Joined: Sep 2008
Posts: 1,980
Quote:
Originally Posted by Rroff View Post
And cheat on your games getting your game(s)/account barred, or depending on what payment details you have saved possibly buy/gift a load of games.
Your payment details aren't saved after a transaction.
diamount is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:36   #16
davido_labido
Mobster
 
davido_labido's Avatar
 
Joined: Sep 2012
Location: Stoke / Nottingham
Posts: 3,914
they are on mine :P


I now have a small website! CLICK ME
davido_labido is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:37   #17
Rroff
Caporegime
 
Rroff's Avatar
 
Joined: Oct 2006
Posts: 43,378
Quote:
Originally Posted by diamount View Post
Your payment details aren't saved after a transaction.
You can have a cached payment method on steam.

Samsung 700G7C, i7 3610QM, 16GB DDR3, GTX 675M.
i7 4820K, GB X79-UD3, KHX Beast 16GB DDR3, Palit GTX1070, 840 EVO 250GB, KHX 3K 240GB, Seasonic 860w Platinum.
Rroff is offline   View trust for Reply With Quote
Old 6th Mar 2014, 20:41   #18
diamount
Wise Guy
 
Joined: Sep 2008
Posts: 1,980
Quote:
Originally Posted by Rroff View Post
You can have a cached payment method on steam.
Yes, but those are through payment gateways which have their own anti-fraud systems. So an IP originating from an entirely different country would probably flag a transaction up as fraudulent.
diamount is offline   View trust for Reply With Quote
Old 7th Mar 2014, 06:17   #19
colax
Gangster
 
Joined: Apr 2010
Posts: 102
If it says it was authorized it means they have access to your email, because they entered the Steam Guard code correctly. Emails can be reflagged as unread by most email programs so get changing those passwords and run some scans.

Usually they steal your Game items (TF2 Hats, CS:GO Guns, ETC), trading cards, backrounds, and emotes. Or just generally carp on you with a VAC ban on games.
colax is offline   View trust for Reply With Quote
Old 7th Mar 2014, 06:27   #20
bledd
Underboss
 
bledd's Avatar
 
Joined: Oct 2002
Location: Parts Unknown
Posts: 44,012
Use a crazy password for your email.

Use a different crazy password for Steam.


Very good site here for testing passwords.
https://howsecureismypassword.net/


^Personally, I'd only type in something 'similar' to my password into a site like that, but you get the idea. Good for testing your old passwords to see how insecure they are.


-My email password (edited a bit for the site)
Quote:
It would take a desktop PC about
6 decillion years
to crack your password

Last edited by bledd; 7th Mar 2014 at 06:30.
bledd is offline   View trust for Reply With Quote
Old 7th Mar 2014, 07:50   #21
K1LLSW1TCH
Caporegime
 
Joined: Mar 2009
Posts: 26,631
2 billion years for a desktop PC to crack my password for Steam apparently.


i5 6600K // Reference GTX 1070 // 16GB Vengeance LPX 3000MHz // MSI Z170I
K1LLSW1TCH is offline   View trust for Reply With Quote
Old 7th Mar 2014, 07:57   #22
robj20
Mobster
 
Joined: Apr 2007
Location: Manchester
Posts: 4,474
2 tredecillion years for my steam password, i use a password generator and have my passwords stored on a usb stick, i cant remember any of them most are at least 30 characters.

robj20 is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:10   #23
Burnsy2023
Man of Honour
 
Burnsy2023's Avatar
 
Joined: Nov 2003
Location: Southampton, UK
Posts: 35,375
Quote:
Originally Posted by bledd. View Post
Use a crazy password for your email.
Or even better, use gmail and 2 step auth.


Burnsy2023 [at] ocukdons [dot] co [dot] uk
Burnsy2023 is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:14   #24
Freakbro
Sgarrista
 
Freakbro's Avatar
 
Joined: Jul 2010
Location: Lincs
Posts: 8,723
1 Year to crack my Steam password....that's long enough for me as I guess they wouldn't be that bothered!

Freakbro is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:19   #25
platypus
Caporegime
 
platypus's Avatar
 
Joined: Jul 2003
Location: Rhône-Alpes+Cambridge
Posts: 36,922
Yeah I've got a 50 char complex password (max it would allow) and 2step for my email.

platypus is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:25   #26
Freakbro
Sgarrista
 
Freakbro's Avatar
 
Joined: Jul 2010
Location: Lincs
Posts: 8,723
I don't get this using such complex passwords, as are they ever brute forced by using a permutation method? or are they just intercepted, keylogged or stolen from someone elses database, thus rendering the complexity irrelevant?

Freakbro is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:28   #27
platypus
Caporegime
 
platypus's Avatar
 
Joined: Jul 2003
Location: Rhône-Alpes+Cambridge
Posts: 36,922
Well it's no skin off my nose to generate a 10, 20 or 50 character password, so I'll use the longest and most complex one I can. And yeah you're right if someone gets a hold of my usb stick then they will have access to my passwords, unfortunately the line has to be drawn somewhere.

I used to have a 25 character complex password that I typed in by hand. Every time. Now that was a pain.

platypus is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:34   #28
kokuten
Wise Guy
 
kokuten's Avatar
 
Joined: May 2011
Location: Newcastle upon Tyne
Posts: 1,356
password123 for me all the way
kokuten is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:35   #29
Theophany
PermaBanned
 
Theophany's Avatar
 
Joined: Sep 2010
Location: PermaProbation.
Posts: 10,052
Obligatory xkcd:



e: forgot this wasn't /.
Theophany is offline   View trust for Reply With Quote
Old 7th Mar 2014, 09:38   #30
platypus
Caporegime
 
platypus's Avatar
 
Joined: Jul 2003
Location: Rhône-Alpes+Cambridge
Posts: 36,922
Yeah, always put spaces in your passwords.

platypus is offline   View trust for Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 02:15.


Powered by vBulletin®
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.
© Overclockers UK (Ocuk Ltd)