Apparently, millions of dollars worth of CS:GO skins have been stolen over the past few years. Now even Steam Support is being accused of being involved
Since 2021, accounts on Steam have been „hacked” again and again and especially CS:GO skins worth hundreds of thousands, probably even millions of dollars, have been stolen.
Meanwhile, even Steam support employees are accused of being involved in the plot. What’s behind the story, how is Steam reacting and what can you do to protect yourself from the hacks?
Millions stolen – with the help of support staff?
Apparently, there have been repeated attacks on Steam accounts that have expensive CS:GO skins in their inventory since 2021. Russian Youtuber Mzkshow tells the story in great detail in a video. The video is in Russian, but with the help of the automatically generated subtitles, the most important points can still be understood.
In summary, the situation is the following: There are hackers who hack into other people’s Steam accounts – preferably those that have been inactive for quite some time and have a lot of valuable skins on them.
Why inactive accounts? It has to do with the method the hackers use.
Apparently, there were accomplices among Steam support staff. One name that keeps coming up is an employee named „Alexander”. Accomplices such as Alexander apparently accessed the account details of the desired accounts and then sent them to the hackers.
Since support employees do not have access to Steam passwords, a detour via password recovery was used. For this, the hackers needed data such as past order numbers or the answers to security questions.
With the help of this data, the hackers were able to contact the official support and pretend that they were the owners of the accounts and had forgotten their password after the long period of inactivity. After recovery, they just had to log in and transfer the items to their own accounts.
A specific case is described by the user „quY” on Twitter:
Last year Qkss got community banned and lost millions of $ worth of skins, however, the reason why he got banned was never clear. Now, I can pretty much confirm that his account got steam support hacked by 'alexander’. Why do I think so? I will explain further. https://t.co/CmBo3AttWA
– quY (@quyy112) February 20, 2023
You can watch the video of Mzkshow here:
How were the skins sold?
Many of the skins were sold through external skin trading sites. However, some of the most expensive ones were sold through respected members of the community like „Anomaly” or „zipeL”, who had no idea that they had been contacted by hackers.
OG Chinese player reached out to me to sell these for him. He had been AFK since 2016 🤯
FN Howl 0.03 IBUYPOWER (Holo) + Titan (Holo)
Titan Holo unappliedBoth being sold in a week. Offers in DM 🤠🤝 pic.twitter.com/VbEctrI0BF
– zipeL🇩🇰 (@zipelCS) August 4, 2021
How does Valve react and what can you do to protect yourself?
Unfortunately, it is unclear what measures CS:GO and Steam publisher Valve can take to prevent attacks of this nature.
Mzkshow argues in the video that they need to stop outsourcing Steam support. Unfortunately, this will be nearly impossible, as there are about 1.5 billion Steam accounts worldwide that need to be managed. It remains to be seen if Valve will respond and adjust account recovery procedures, for example.
Most of you probably don’t have to protect yourself at all, because so far mainly accounts with a value in the six-digit range and that have been inactive for at least a hundred days have been targeted.
However, if your accounts meet these criteria, it is recommended that you log in regularly to avoid being inactive. Also, it makes sense not to buy accounts, because firstly, this is not allowed by Steam anyway, and secondly, with purchased accounts, you may not have all the data you would need to restore the account.