TOPIC: Malware going around Steam Comments on Profiles.

Moral of the post.

Wallcop wrote:
<strong>Warning! Adult Link!</strong>
Click

If you click on suspicious links, you kind of deserved to be hacked. Take it as a lesson, trust nothing on the internet.

Yotsugi wrote:
Alright, I cant trust anything on the internet. I cant trust you Lightarrows then. All this time you were making anime lists with bad anime. Hue hue hue.

For the people who don't know what this is -
Its a link to a steam stealer
It will steal everything you got on your inventory and it will send it to who ever it was programmed to.

Why would the anti virus company do something? This isn't a virus, this is a EXE that uses your account by grabbing your steam_api.dll , steam ssfn files. They do that because when normal hacking, the hacker some times need to wait 14 days to trade due to steam guard. So some guy, made this in the idea of not waiting for steam guard cooldown, so in short
-You downloaded the EXE
-You Execute it
-It grabs your steam_api.dll & ssfn files
-It commands the files to send a trade offer of all your steam items
-Items go to the hackers alts then the alts send to his main, then he sells the items and makes loads of money

Those files are very important, they can be used to control any part of your steam. Just not change passwords.

So no, it's not a
-Keylogger
-Virus

Just a simple coded exe grabber and modifier. Hope you learnt something new today, have a nice day.

Some Information:

The hacker/Idiot has loads of money, he's making new sites everyday. So beware everyone.
Reporting the bots won't help.

-Mate

Chris_Smith wrote: You sir a wrong. May I point out that this is like saying (A form grabber steals Ws2_32.dll) DLLs are libraries and store no data except in memory (Point on Hooking functions).

They simply use the SteamAPI.


Correct they are not viruses or keyloggers, Neither is betabot, neutrino, Zeus (I include citadel), Spyeye, LoadHTTP, smoke, dexter, or most other malware.

Very sure that you were gonna quote me, but hey. I have mentioned that they grab/command your Steam_api.

I do not understand one thing you just said soxey

Best argument of arguments ever. Love how this lead to a malware warning to an argument on how the "hackers" do this technique. You sirs need to go outside

Chris_Smith wrote:

Also your comment about the Anti virus companies is complete bullshit. They really deal with all types of malware, and unwanted software. I will say, using your logic they don't care about Zeus, the most used Malware and that stole ~$50Mil, but they do. (even though 40% of zeus is detected, mainly because anti virus companies are slower then the Crypter developers)

Instead of going on complaining about how people are giving "wrongful" information, go and make a post, a big one your self talking about it. Bringing all those unwanted malware names won't make you look smarter at all.

spanish wrote:
Also what I mean't about grabbing is that it searches for your file, then modifies it. Instead of going on complaining about how people are giving "wrongful" information, go and make a post, a big one your self talking about it. Bringing all those unwanted malware names won't make you look smarter at all. What I was doing on that post is giving people a simple idea of how it works.

After research, it is a malware but a type that modifies files and has connection with it's host, it also sends information of if you launched, when you launched, and so on.

This "malware" has been going on for a year, and guess what? Anti-Virus companies haven't done shit about it. So you might be wrong, you're right it deals with all sorts of malwares, but this is just nothing to them. If it was, they would've added it to there database. Only a few AntiVirus companies can detect this .scr file.

Info: When it downloads the SCR file it will look like it's PNG, but it isn't, it's just named .PNG

<strong>What happens when you open it?</strong>

You'll just get a picture of a Ballistic Knife, meaning that you're basically f**cked.