Recherche : [steam] - Cyberveille

Twilio denies breach following leak of alleged Steam 2FA codes https://www.bleepingcomputer.com/news/security/twilio-denies-breach-following-leak-of-alleged-steam-2fa-codes/

18/05/2025 12:16:51

Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes.

The threat actor, using the alias Machine1337 (also known as EnergyWeaponsUser), advertised a trove of data allegedly pulled from Steam, offering to sell it for $5,000.

When examining the leaked files, which contained 3,000 records, BleepingComputer found historic SMS text messages with one-time passcodes for Steam, including the recipient's phone number.

Owned by Valve Corporation, Steam is the world's largest digital distribution platform for PC games, with over 120 million monthly active users.

Valve did not respond to our requests for a comment on the threat actor's claims.

Independent games journalist MellolwOnline1, who is also the creator of the SteamSentinels community group that monitors abuse and fraud in the Steam ecosystem, suggests that the incident is a supply-chain compromise involving Twilio.

MellowOnline1 pointed to technical evidence in the leaked data that indicates real-time SMS log entries from Twilio's backend systems, hypothesizing a compromised admin account or abuse of API keys.

PirateFi game on Steam caught installing password-stealing malware https://www.bleepingcomputer.com/news/security/piratefi-game-on-steam-caught-installing-password-stealing-malware/

16/02/2025 14:28:40

A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users.

LummaC2 Malware Abusing the Game Platform 'Steam' - ASEC BLOG https://asec.ahnlab.com/en/68309/

29/07/2024 09:29:05

LummaC2 is an Infostealer that is being actively distributed, disguised as illegal programs (e.g. cracks, keygens, and game hacking programs) available from distribution websites, YouTube, and LinkedIn using the SEO poisoning technique. Recently, it has also been distributed via search engine ads, posing as web pages of Notion, Slack, Capcut, etc.

Reference: Distribution of MSIX Malware Disguised as Notion Installer

Steam game mod breached to push password-stealing malware https://www.bleepingcomputer.com/news/security/steam-game-mod-breached-to-push-password-stealing-malware/

30/12/2023 10:56:09

Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system.

Steam Adds Security Layer for Devs After Some Had Their Accounts Compromised and Malware Was Injected in Games https://wccftech.com/steam-adds-security-layer-for-devs-after-some-had-their-accounts-compromised-and-malware-was-injected-in-games

12/10/2023 18:23:12

Valve has added a new security layer for developers who publish their games on Steam after a few had their accounts hacked.

Fake sites stealing Steam credentials https://www.zscaler.com/blogs/security-research/fake-sites-stealing-steam-credentials

28/03/2022 14:19:53

Recently, the Zscaler ThreatLabZ team came across multiple fake Counter-Strike: Global Offensive (CS:GO) skin websites aimed at stealing Steam credentilsa.

Liens par page

Filtres