A short while ago, Group-IB published a statement reporting that hackers were launching attacks to steal Steam credentials using a new and increasingly popular Browser-in-the-Browser phishing technique.
This technique creates fake browser windows in active windows. Victims are lured by direct messages on Steam inviting them to join a team for certain tournaments (LoL, CS, Dota 2...). The shared links take the targets to a phishing site that appears to be an organization that sponsors and hosts e-sport competitions. To join a team, players must log in with their Steam account and therefore fill in personal information then stolen.
Group-IB claims that the phishing kit used to attack Steam accounts is not spread on hacking forums or dark web markets. It is only used privately by hackers who exchange on Discord or Telegram to coordinate.
