Yes I've seen several of my friends with a link on their profile. My wife was recently sent this link by a friend, so I decided to investigate. Turns out the capture link will install Malware then steal your account along with all your items, cards and games. Be careful out there players!
Steam
Concept »
A digital distribution service owned by Valve Corporation. Originally created to distribute Valve's own games, Steam has since become the de facto standard for digital distribution of PC games.
Capture link in steam is Malware
@hassun said:
Could you give us some more information so we know what to look out for?
I am inclined to believe this is a spam bot or something weird (we seem to get a lot of weird spam bots on these forums).
The only capture link in a steam profile I can think of is legit, and isn't malware. I can't even think of a way to embed malware in you profile since Steam blocks HTML and linking altogether within profiles- last I checked.
What the OP describes is receiving an IM from someone (probably randomly I might add) which could be malicious just as any link randomly sent to you could. It is good practice (and has been for the past 20 years) to never click on links from people you don't know... anywhere.
The more you know =)
I can vouch for this. A friend of mine recently had his Steam account hacked. The hacker sent messages to all my friend's Steam friends. It read something along the lines of "Hey I got a funny shot of you while you were playing a game! Check it out! <insert suspicious link here>"
Needless to say I didn't click the link. But yeah, this is a real thing that people are doing. Watch out.
EDIT: At least, I assume this is what @dragonm is talking about.
These are typically links to screenshots hosted on vaguely official or legit looking sites which are actually malware hosts. The screenshot.jpg URL will be redirected to screenshot.jpg.scr, which is a Windows portable screensaver executable. The victim then downloads and runs this file, which is of course malicious code and not a screenshot at all. Compromised accounts then spread the link amongst their friends lists.
There are other scams and stuff going around but this is the most prevalent one at the moment, I think.
These are typically links to screenshots hosted on vaguely official or legit looking sites which are actually malware hosts. The screenshot.jpg URL will be redirected to screenshot.jpg.scr, which is a Windows portable screensaver executable. The victim then downloads and runs this file, which is of course malicious code and not a screenshot at all. Compromised accounts then spread the link amongst their friends lists.
There are other scams and stuff going around but this is the most prevalent one at the moment, I think.
This is probably the most common technical method people use to steal accounts for the purpose of acquiring DotA cosmetics. Other common methods usually involve some level of social engineering like malicious users adding people and then changing their steam name to match one of their friends or asking the target individual to be a 'stand in' for a Dota tournament and manipulating them into downloading a bogus mumble/teamspeak/vent client.
I have my Steam profile set to only allow posts from people on my friends list, so I haven't gotten these myself, but I've seen them when visiting other people's profiles.
I've also seen stuff in the format site.domain/screenshot.png/ (but I've forgotten the actual URL's).
Just got another one today:
This URL redirects to screenshot.scr, typical malware disguised as a Windows portable screensaver executable.
This stuff is extraordinarily simple to avoid, yet unfortunately still works a lot. A little bit of common sense is all you need to protect yourself from these malicious links.
So in other words better not see screen shots on steam , got it. (good thing I have only 2 friend on steam , but even then I never interact with them nor would see their screen shots anyway)
The actual steam screenshots are fine. It's when someone gives you a link to suspiciousdomain.party/screenshot.jpg
Please Log In to post.
This edit will also create new pages on Giant Bomb for:
Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.Comment and Save
Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.
Log in to comment