top of page

New hacking campaign targeting Steam users

Updated: Sep 23, 2022

A short while ago, Group-IB published a statement reporting that hackers were launching attacks to steal Steam credentials using a new and increasingly popular Browser-in-the-Browser phishing technique.

This technique creates fake browser windows in active windows. Victims are lured by direct messages on Steam inviting them to join a team for certain tournaments (LoL, CS, Dota 2...). The shared links take the targets to a phishing site that appears to be an organization that sponsors and hosts e-sport competitions. To join a team, players must log in with their Steam account and therefore fill in personal information then stolen.

Group-IB claims that the phishing kit used to attack Steam accounts is not spread on hacking forums or dark web markets. It is only used privately by hackers who exchange on Discord or Telegram to coordinate.

Recent Posts

See All

Collateral victims of a cyber attack, several websites in the Côtes-d'Armor department have been inaccessible since Monday, May 15. This incident was caused by a cyber attack targeting Group DIS, a ho

Two months ago, the Senate suffered a cyber attack that resulted in the temporary unavailability of its website for several hours. On May 5th, the Senate's website was again the target of an attack an

Between April 11 and 12, the French national meteorology agency, Météo-France, was the victim of a cyber attack. It was a denial of service attack that prevented Internet users from accessing the comp

Follow our adventures !

  • Discord
  • Twitter
  • Linkedin

Subscribe to our newsletter

Be notified every time we have news !

Thanks for subscribing !

By subscribing, I agree to the General Terms of Use and Privacy Policy.

bottom of page