Prevent account from being stolen! Help!!

[addee99]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”.

Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password?

I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side.

appreciate all the help!

[dyc3]

Yeah it'll help to change your password. There's a reason why it's called "2 factor auth": you need both to log in.

That being said, changing your password doesn't help if they already have your session tokens. You should go into your steam account and deauthorize all the active login sessions: https://help.steampowered.com/en/faqs/view/06B0-26E6-2CF8-254C#deauthorize

[addee99]

Yeah it'll help to change your password. There's a reason why it's called "2 factor auth": you need both to log in.

That being said, changing your password doesn't help if they already have your session tokens. You should go into your steam account and deauthorize all the active login sessions: https://help.steampowered.com/en/faqs/view/06B0-26E6-2CF8-254C#deauthorize

So if they have my session tokens, im screwed either way? There is no way to solve that? And how do they get my session tokens?

[itay0246]

suggest to also make sure there is no logger on your computer

[xylokia]

activate the family mode in the accounts that seem important to you or have items, it could save you

[addee99]

And another problem.. how do I change the password. It says I need to confirm the code sent to the mobile app… and I can’t find it in the original SDA app

[addee99]

activate the family mode in the accounts that seem important to you or have items, it could save you

Yeah, I did that too

[dyc3]

So if they have my session tokens, im screwed either way?

No, per my previous reply:

You should go into your steam account and deauthorize all the active login sessions: https://help.steampowered.com/en/faqs/view/06B0-26E6-2CF8-254C#deauthorize

In case this was not clear, this invalidates the session tokens.

[addee99]

So if they have my session tokens, im screwed either way?

No, per my previous reply:

You should go into your steam account and deauthorize all the active login sessions: https://help.steampowered.com/en/faqs/view/06B0-26E6-2CF8-254C#deauthorize

In case this was not clear, this invalidates the session tokens.

Oh okay, im noob at all of this. So I deauthorize all devices now.

I Will change password too, but I have a problem. It says ”launch the Steam mobile app on your mobile device, then select the comfirmation menu option. Confirm the account recocery action in the app…”

i dont get any confirmations on my original SDA since its not working…

[dyc3]

You can either:

• transfer the authenticator to your phone (2 day trade ban)
• use steamguard-cli (which I created and maintain), or some other application to accept the confirmation

[addee99]

You can either:

• transfer the authenticator to your phone (2 day trade ban)
• use steamguard-cli (which I created and maintain), or some other application to accept the confirmation

can I do one of the options or need to do both?

[dyc3]

You can do either one. One or the other.

[addee99]

You can do either one. One or the other.

Alright, I will give it a try.

[addee99]

You can do either one. One or the other.

Is there any tutorial how to install and set it up? I have no idea how to do it

[dyc3]

For steamguard-cli, there should be sufficient instructions in the README file, which can be read here. If they're unclear, ask your question here: https://github.com/dyc3/steamguard-cli/discussions/new?category=q-a

[therepower]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”.

Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password?

I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side.

appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

[addee99]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

Alright. But I did not use that one.. I tried makcstudio so I dont know.

I would like to try yours but I dont understand how to set it up

[Jianchitz]

You do not have to worry this much. I've used his trade bots for more than 2 years. Never had an issue even tho i added mafiles. So yeah don't worry to much but still take some actions to feel safer.

[addee99]

You do not have to worry this much. I've used his trade bots for more than 2 years. Never had an issue even tho i added mafiles. So yeah don't worry to much but still take some actions to feel safer.

Did you use Makcstudios tradebots without problem?

[Jianchitz]

Yes i used both free and paid versions. Didn't have a security issue ever so don't have to panic, but still take care

[dennis0555]

he already told you you can deauth the session tokens..

[pacopepepipo]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

The thing with that, is I think, most people don't even know how to code, so they can't even compare code between versions and be sure they are clean, so they worry.

[tour1st]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

No it's not clean! My friend tried your "fix", and got all his items stolen in a couple of minutes. He checked his transaction history, and everything was transferred to this bot account : https://steamcommunity.com/profiles/76561199439296569 We contacted Steam Support to ban this bot account, but nothing happened yet. Moreover, Steam claims that : "Steam Support does not restore lost items", so my friend is screwed.

@therepower "anyone can check the code", yes but there is no proof that the "Release2.rar" file is the actual build of the source, and you added a mailicous code that use the user's token to transfer items.

TL;DR : DON'T USE THIS SDA FIX, IT WILL STEAL YOUR ITEMS

[allendaydayup]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

Hello, does your version solve the problem of adding accounts? I'd like to give it a try.

[pacopepepipo]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

No it's not clean! My friend tried your "fix", and got all his items stolen in a couple of minutes. He checked his transaction history, and everything was transferred to this bot account : https://steamcommunity.com/profiles/76561199439296569 We contacted Steam Support to ban this bot account, but nothing happened yet. Moreover, Steam claims that : "Steam Support does not restore lost items", so my friend is screwed.

@therepower "anyone can check the code", yes but there is no proof that the "Release2.rar" file is the actual build of the source, and you added a mailicous code that use the user's token to transfer items.

TL;DR : DON'T USE THIS SDA FIX, IT WILL STEAL YOUR ITEMS

I've used it and a friend also, and no one scammed anything from us.

[dennis0555]

FKK this russian guy he banned my main account etc! problaly couldnt steal shit because i changed encryption!

[therepower]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

No it's not clean! My friend tried your "fix", and got all his items stolen in a couple of minutes. He checked his transaction history, and everything was transferred to this bot account : https://steamcommunity.com/profiles/76561199439296569 We contacted Steam Support to ban this bot account, but nothing happened yet. Moreover, Steam claims that : "Steam Support does not restore lost items", so my friend is screwed.

@therepower "anyone can check the code", yes but there is no proof that the "Release2.rar" file is the actual build of the source, and you added a mailicous code that use the user's token to transfer items.

TL;DR : DON'T USE THIS SDA FIX, IT WILL STEAL YOUR ITEMS

You don't need to use my fix anymore, Jessecar fixed the original version, If you think my version is malicious just change your pw.

-- Update the account you posted is the official account of tradeit.gg, contact them

[tour1st]

Hey. Yesterday I downloaded the ”SDA FIX” that was promoted in the ”issues”. Now, I’m a bit worried its a scam. I have already traded all of the skins to my main account. But what Can I do to prevent it from being stolen? If I added the maFiles to the Authenticator. Does it help to change password? I mean if they have the mafiles they can fu*k it up either way, right? Is there someting I can do to ensure it wont get hacked before its to late. Im not even sure if its a scam, but just to be on the safe side. appreciate all the help!

if you used the one i posted, it is clean, anyone can check the code, it is open source, i forked it

No it's not clean! My friend tried your "fix", and got all his items stolen in a couple of minutes. He checked his transaction history, and everything was transferred to this bot account : https://steamcommunity.com/profiles/76561199439296569 We contacted Steam Support to ban this bot account, but nothing happened yet. Moreover, Steam claims that : "Steam Support does not restore lost items", so my friend is screwed. @therepower "anyone can check the code", yes but there is no proof that the "Release2.rar" file is the actual build of the source, and you added a mailicous code that use the user's token to transfer items. TL;DR : DON'T USE THIS SDA FIX, IT WILL STEAL YOUR ITEMS

You don't need to use my fix anymore, Jessecar fixed the original version, If you think my version is malicious just change your pw.

-- Update the account you posted is the official account of tradeit.gg, contact them

@therepower Could we have a quick chat? I want to solve this case once and for all. Just provide me an email or any social network ID where I can contact you, or add me on Discord : tour1st#6985

[tour1st]

@therepower Still waiting for your answer...

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Still waiting for your answer...

@therepower Bump

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[D3XX3R]

Bro is persistent

[tour1st]

Bro is persistent

Indeed, and I won't stop until this hacker returns the items he stole from me.

[D3XX3R]

From what I understood, other users had been using his fork without any issues. You could potentially use something like dnSpy to look into the main dll and the exe file. Maybe you can find evidence that confirms your claims. What I can tell you is, that the executable made one request to the following IP address, which seems to be affiliated with Microsoft: 2.18.160.233

[tour1st]

From what I understood, other users had been using his fork without any issues

That doesn't prove anything, could be his friends defending him

Maybe you can find evidence that confirms your claims

I sent all evidences to Github support several months ago. They banned him, then a few days later he got unbanned without any explanation.

And the fact that he doesn't want to chat doesn't help for his defense...

[D3XX3R]

Not everyone always subscribes to issues or PRs. Especially when they are closed.

As I've said you can see what is going on under the hood in .NET applications using tools like dnSpy. If the release contains malicious code, you can provide GitHub Support the evidence and they will take actions on it.

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

[tour1st]

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again

@therepower Bump again