3factor authentication

in #tyrnannoght3 months ago (edited)

I probably should share the knowledge

first a word :


We have to respect the architect here, the website built around the psychological trigger of "IM NOT STUPID i wont enter my password i'll use the 2fac app and sms confirmation ! that way nothing can go wrong. So whoever set that up clearly has some skills and like the lulzec dread should probably be hunted and enlisted by the kgb, mossad or CIA

HOWEVER : we can not agree with having our money taken and this is a confirmation of one of the main theories we developed through living over the span of decades : "all humans are filth and among them Americans are exceptional scumbags." If someone comes up to you to ask anything , bet your 99% ass they want something they're not saying.

But what's worst is the way Valve handles this (more like "handles this not") and treats a 15 year-recurring paying customer on top of "for your safety the trades are on cooldown for x days" followed by the support guy saying "we cant just take the money out of someones account" MEANING the item they bought after hijacking my account is on cooldown but THE MONEY THAT WENT OUT OF MINE AINT ... it must be "american reasoning"

SO its had it had to end this way after 15 years, i never even lived with a woman that long and have her drain me of money ... i probably paid valve more than i did any of my exes (lol?) ... well maybe thats not true, some of them had a 200 dollar a day habit (lol ... o but THATS TRUE)


SO ...


i fear we are not the president of EUrasia so we dont make threats : if we dont get refunded we'll never buy anything from Valve again ... thats final. Inflation is counted at 10% a year so thats a yearly intrest for as long as its not refunded, until the account goes down the option still exists to set this right, apologies are for sitcoms so save that for Homer

The business reasoning is also not very sound : the amount we would spend during the time we are alive and gaming FAR outweighs the money we lost due to a loophole in their system for which they wont take responsibility

I remember a little man from China who had his company hacked IMMEDIATELY granting the 100 million they stole so nobody lost money ... maybe these americans can take an example there

AS FOR THE REST - wont lose sleep over it but it affirms and reinforces our aversion to humans ofcourse, its more like "a reminder of what happens when you blink for a second and theres humans around"

AS FOR THE OTHER REST : if the bank ever tries to shove "the app" up my ass again now i have a physical transcript of why we didnt, dont and wont EVER - i dont have anything on my phone related to payment but when it comes to Crotter, which we count Valve into after this

you dont have a choice but to use a smartphone



the transcript : <
i couldnt reply anymore since the American wanker closed the ticket

so the profile (what else can i do ? its not like i can sue them i dont have the money to do that even if they clearly are responsible for a 3fac-authentication system that can be bypassed )

KNOW what happened Albert, i was screwing pcs before you your momma, i just assumed 2fac + sms would prevent abuse, which was idiotic. Now if you come to your senses you can refund me the money like you would treat a 12year long recurring customer with respect outside America.
Until then i wont be buying anything from Valve anymore. You jusrt explain what happened so im clearly in the right and you only put trades on hold for the item the guy sold from his account but not the money he siphoned out of mine bypassing the 3fac-auth via (very smart) loophole.

Until i get the money back i guess dawn of defiance will be the last thing i ever bought from Valve, i cant stand for this treatment, and you just close the fucking ticket TOO ?

thats ...

very american ii suppose

the ticket :

Steam Support
Home > My Recent Help Requests > HT-H8MF-TBMJ-HY6G
Account: shnull
Email: [email protected]
Ticket: HT-H8MF-TBMJ-HY6G
Your help request: I'm having trouble with items
Related to: Dota 2

Dota 2
Account: shnull
View in Store
View in my Library
Jul 17, 2012 - Purchased as part of: Dota 2 - Hardware Survey - view receipt

Message from you on Aug 18 @ 7:14pm | 1 day and 17 hours ago
https://steamcommunity.com/profiles/76561198007675562/friends/pending

i hope this still reaches. I got contacted by this guy to ask if i wanted to vote for his dota team

I seem to have been outsmarted for the first time in a while. The site looked skeey so i used authenticator and sms . My client rebooted but i only now just see my wallet balance looked suspiciously low. Somehow they got in by transferring the authenticator to somewhere in seattle USA (is what the mail said when i saw it) no idea it was that easy :)

In the time between me putting it back they bought an item for €136 on the market and thats where my wallet balance went. I see its on cooldown until the 25th so i'm more or less hoping you can undo the trade and get my money back its mostly there for buying games, not for giving to american crackheads.

The name was cyborgmatt but it seems to be gone from the list. All in all its quite a devious hack, including me confirming by sms after using the authenticator they still hijacked the account and sent my money elsewhere.

Im sure you have access to my history overthere, if there's anything else you need to know please let me know. It wont kill me and its a hard lesson but €136 isnt quite spare change either.

Thanks in advance,
J

Message from you on Aug 18 @ 7:20pm | 1 day and 17 hours ago
the item in question

NAME
+136,34€
18 Aug18 Aug
Lycosidae's Spiderling
Dota 2

btw

lol "im having trouble with items" is a bit of an understatement here but to be clear this is someone who made a fresh request not anyone i previously dealt with although i cant be sure they dont have two accounts at any rate you might wanna put a warning out. This is the first time in as long as i can remember something like that actually got through

Ill be awaiting your response then

thx again

Message from you on Aug 18 @ 7:26pm | 1 day and 17 hours ago
as all good things come in three, i probably wont check back until tomorrow as i contemplate just how -f king stupid i have been to assume theres a security system that works and there was no harm in going along b/c nothing could happen . I would just like to ask one extra question since it maybe already is possible.

I used the authenticator and i entered the sms code but somehow they worked around and sent my money off before i noticed. I was wondering if there's a setting i can mark to only allow payment outward after i enter ANOTHER sms code ? if the pukker can get to my simcard and read my sms in the same time i probably give up on humanity forever heh

triple thanks in advance then, i ll check back tomorrow

Message from Steam Support on Aug 19 @ 2:56am | 1 day and 10 hours ago
If activity occurred on your account you do not recognize, it may mean your account or computer has been compromised.

Someone may have gained access to your Steam account through spoofing, phishing, or malware.

As an immediate first step, you should take some action to secure your Steam account from further access. Our article on account security recommendations is a good start toward securing your Steam account.

If you suspect your computer is infected with malware, we have some tips for removing malware from your computer here. It may be a good idea to contact a local computer security expert if you're having trouble removing this malware.

Additionally, all Community Market transactions are final and cannot be reversed or refunded. When an item is purchased from the Community Market, the cost is sent from the buyer's Steam wallet to the seller's. Reversing these purchases would mean we have to take funds out of the seller's wallet, creating confusion and possible purchasing issues across Steam.

I'm sorry we can't be of more help with this, but we don't reverse or refund Community Market purchases and sales.

Steam Support
Albert

Message from you on Aug 19 @ 1:42pm | 23 hours ago
so are you saying someone stole €136 from my account , and "the item is on cooldown" but you cant give me the money back but you're still holding it ?

this is €136 okay i would seriously like you to consider because that means i probably wont buy anything from steam again. You have logs, you can see what happened, if i slowly gather enough money to buy civ VII and a few indies or elderscrolls VI and then after 10 years suddenly decide im buying an item worth €136 from a game i play once every two years you have all reasonable doubt that wasnt me.

Why would i do that once after 11 or 12 years and then wait two hours to file a ticket to get it back.

this is clearly an exceptional case where someone BYPASSED your two-factor authentication AND sms confirmation and emptied someones account.

I would urge you to take responsibility and refund me the money they stole or i certainly cant morally justify buying anything from steam again.

if need be take it higher up i cant stand for this

thanks in advance

j

Message from Steam Support on Aug 19 @ 4:40pm | 20 hours ago
It looks like a malicious user was able to transfer your account's Mobile Authenticator, using an SMS text message on August 18, 2024 prior to you writing in.

Since its unlikely they had direct physical access to your mobile device, this means its likely the code was provided to them using the "voting website" you mentioned.

Once they had this code they were able to transfer the Authenticator, then use it to purchase items from your account. Again, I’m sorry to hear that your account was used without your permission and I know it's frustrating to hear that we can't reverse Market activity. We will not be restoring your items.

To learn how to avoid scams or hijackings, please see our Trade Scam article.

To make sure that a scammer is reported, please report them through the Steam Community. Reporting a scammer through the Steam Community is the best way to prevent them from committing future scams.

Since there's not much more that I can say or do to be of help with this particular issue, I am going to close this help request. If you have questions on an unrelated issue, please create a new help request and we will be happy to help you.

Steam Support
Albert
This help request has been closed.



Previous :


Steam Support
Home > My Recent Help Requests > HT-H8MF-TBMJ-HY6G
Account: shnull
Email: [email protected]
Ticket: HT-H8MF-TBMJ-HY6G
Your help request: I'm having trouble with items
Related to: Dota 2

Dota 2
Account: shnull
View in Store
View in my Library
Jul 17, 2012 - Purchased as part of: Dota 2 - Hardware Survey - view receipt

Message from you on Aug 18 @ 7:14pm | 19 hours ago
https://steamcommunity.com/profiles/76561198007675562/friends/pending

i hope this still reaches. I got contacted by this guy to ask if i wanted to vote for his dota team

I seem to have been outsmarted for the first time in a while. The site looked skeey so i used authenticator and sms . My client rebooted but i only now just see my wallet balance looked suspiciously low. Somehow they got in by transferring the authenticator to somewhere in seattle USA (is what the mail said when i saw it) no idea it was that easy :)

In the time between me putting it back they bought an item for €xxx on the market and thats where my wallet balance went. I see its on cooldown until the 25th so i'm more or less hoping you can undo the trade and get my money back its mostly there for buying games, not for giving to american crackheads.

The name was cyborgmatt but it seems to be gone from the list. All in all its quite a devious hack, including me confirming by sms after using the authenticator they still hijacked the account and sent my money elsewhere.

Im sure you have access to my history overthere, if there's anything else you need to know please let me know. It wont kill me and its a hard lesson but €xxxs isnt quite spare change either.

Thanks in advance,
J

Message from you on Aug 18 @ 7:20pm | 19 hours ago
the item in question

NAME
+xxx,xx€
18 Aug18 Aug
Lycosidae's Spiderling
Dota 2

btw

lol "im having trouble with items" is a bit of an understatement here but to be clear this is someone who made a fresh request not anyone i previously dealt with although i cant be sure they dont have two accounts at any rate you might wanna put a warning out. This is the first time in as long as i can remember something like that actually got through

Ill be awaiting your response then

thx again

Message from you on Aug 18 @ 7:26pm | 19 hours ago
as all good things come in three, i probably wont check back until tomorrow as i contemplate just how -f king stupid i have been to assume theres a security system that works and there was no harm in going along b/c nothing could happen . I would just like to ask one extra question since it maybe already is possible.

I used the authenticator and i entered the sms code but somehow they worked around and sent my money off before i noticed. I was wondering if there's a setting i can mark to only allow payment outward after i enter ANOTHER sms code ? if the pukker can get to my simcard and read my sms in the same time i probably give up on humanity forever heh

triple thanks in advance then, i ll check back tomorrow

Message from Steam Support on Aug 19 @ 2:56am | 12 hours ago
If activity occurred on your account you do not recognize, it may mean your account or computer has been compromised.

Someone may have gained access to your Steam account through spoofing, phishing, or malware.

As an immediate first step, you should take some action to secure your Steam account from further access. Our article on account security recommendations is a good start toward securing your Steam account.

If you suspect your computer is infected with malware, we have some tips for removing malware from your computer here. It may be a good idea to contact a local computer security expert if you're having trouble removing this malware.

Additionally, all Community Market transactions are final and cannot be reversed or refunded. When an item is purchased from the Community Market, the cost is sent from the buyer's Steam wallet to the seller's. Reversing these purchases would mean we have to take funds out of the seller's wallet, creating confusion and possible purchasing issues across Steam.

I'm sorry we can't be of more help with this, but we don't reverse or refund Community Market purchases and sales.

Steam Support
xxxNAMExxx

Message from you on Aug 19 @ 1:42pm | 1 hour and 14 minutes ago
so are you saying someone stole €xxx from my account , and "the item is on cooldown" but you cant give me the money back but you're still holding it ?

this is €xxx okay i would seriously like you to consider because that means i probably wont buy anything from steam again. You have logs, you can see what happened, if i slowly gather enough money to buy civ VII and a few indies or elderscrolls VI and then after 10 years suddenly decide im buying an item worth €xxx from a game i play once every two years you have all reasonable doubt that wasnt me.

Why would i do that once after 11 or 12 years and then wait two hours to file a ticket to get it back.

this is clearly an exceptional case where someone BYPASSED your two-factor authentication AND sms confirmation and emptied someones account.

I would urge you to take responsibility and refund me the money they stole or i certainly cant morally justify buying anything from steam again.

if need be take it higher up i cant stand for this

thanks in advance

j

Update my help request
Has this issue been resolved?
Click here if you no longer need help


edit :

pps :

If its any consolation for all that money you wont be receiving in the coming years b/c of your "policy" we wont resort to epic , crotterstore or buy an xbox or playstation either, our attitudes towards that havent changed because of this. Thing is , we kinda want physical copies only for games over €5 now, and they dont exist anymore do they ?

last one i saw was : "pay double and you get .... digital art (you have to print yourself), a digital soundtrack (which is basically already in the game) and a 3D PRINTABLE (-ABLE not -ED) figure (which you have to print yourself) so that doesnt count to an ancient being like this one

this is just "its the americans again" + "look, we answered a human" , no one's gonna lose sleep over it but Valve is now with Crotter and Newell is now from where Musk once was "a promise" down to where he isnow : "just another american scambag"

bye ... maybe next life or the one after we have some good news but in this one i doubt it

SO ... if you use "the app" or some NFC transfer

caveat emptor , you might end up emptier

honestly this is the first time in 30 years (sure money has been stolen here in salems lot but not scammed) it succeeds, in all honesty we were curious what the guy was gonna try (bored perhaps i dont know) and then fell for the "WELL IM GONNA USE THE SECURITY APP! WHAT CAN GO WRONG" which is EXACTLY how they got in and siphoned it out

its a really COOL piece of engineering, mister Mitnick R.I.P. would agree

but that doesnt change the facts and the issue on who should be taking responsibility

E O F ...

see you in the next post in 2025 or something


o i see

forgot to mark out the name and numbers in this one

well the name wont matter b/c they have logs (which is exactly why i see no reason why i dont get refunded as everything in the logs says i didnt after 15 years suddenly decide to rip myself with a fake account and set Valve up for €100)

to avoid confusion : this is money we gather over MONTHS maybe longer with a maximum of €25 a month as budget is REALLY low but theres a few we'll want , like civ VII or elder scrolls VI (should have been about enough for those, right?) this is NOT "we got so much spare change around we just keep it on steam)

and with this i really have stuff to do

you can restitute by refunding with a 10% intrest per year not paid due to inflation (subject to change depending on the IMF and the FED i suppose)

or someone can commit sepukku and throw their family in the ocean

both are acceptable apologies, anything else wont do im afraid

now leave me alone


haa dear, you know this is where you STFU b/C nothing you say can fix it, thing ?

are you american-educated perhaps ? maybe some CEO-dataset made of psychopath-economics ?

Turns out of all things the air duster i bought (its been more than six months and the reason WE HAVE a borg cube still today made of scrap and gatherings and stuff that lasts for over 15 years by now and isnt even a 1980s or 90s computer ... the compressor isprobably one of those, but it broke so we needed a new one and now we bought one thats ACTUALLY MADE IN AMERICA, we get ripped off (statisticallly in the last 10 years i should say AGAIN) by americans ... everything that has cost us money seems to be american in the last 15 years , that and the precious family ofcourse

listen here : math is not spelling it goes like this , for someone who doesnt live in disneyland and saves up money for games b/c gaming since ataripaddles and STILL actually tries to support developers despite living in a place thats nowhere with no future and a life thats going nowhere forever : €136 at a maximum of €25 a month ("maximum of") equals "at least 7 months" , now i know math is hard but thats reality, and THE LUCK IS in the last months we havent, for some reason ever since inflation stopped (!) here in soviet helgium there always seems to be less and less money - the toilet paper gets thinner and potatoes basically spoil by the next day, we just got dawn of defiance which will likely be the last thing we ever buy off of Valve (and we already wouldnt on epic or miCrotter) so that would be like EIGHT months otherwise and b/c we quit otherwise it would be like 10 or 12 but there wasnt enough to dump aside

so to get this back it would take AT LEAST ANOTHER SIX OR SEVEN MONTHS

math is hard, i know

but so is physics and despite that a moving train will hit you even if you smile at it positively

NOW IF YOU DONT MIND ....

maybe you wanna format your phone and reinstall everything to start, we basically dont HAVE apps but the ones we cant go without and steam auth is one of them and someone just USED THAT ONE to rip us off

enjoy , sweet dreams