search

Jessecar96 / SteamDesktopAuthenticator

Desktop implementation of Steam's mobile authenticator app
MIT License
3.41k stars 637 forks source link

SCAM ALERT #883

Closed FusionJura closed 1 year ago

FusionJura commented 1 year ago

DO NOT RUN MakCStudio Steam Auth!

https://github.com/MakcStudio/SteamDesktopAuthenticator/issues/6

h1senberg commented 1 year ago

Here we go again… zero proof, just piss and vinegar.

Why don’t you use a proxifier to restrict any outgoing connections of the app except for these addresses:

Alternatively, you could use virtualbox with a firewall and/or proxifier that only allows outgoing connections to the mentioned addresses.

If the application is malicious, your data won’t go anywhere.

FusionJura commented 1 year ago

23.54.112.231 - not steam.. (Akamai Technologies server 23.32.0.0 - 23.67.255.255) 140.82.121.4 - github, woooooohoo 92.122.104.90 - not steam.. (Akamai Technologies server 92.122.104.0 - 92.122.107.255) 184.30.24.206 - not steam.. (Akamai Technologies server 184.24.0.0 - 184.31.255.255)

https://dnschecker.org/ip-whois-lookup.php Right now im decompailing and searching all urls/ips

FusionJura commented 1 year ago

Here we go again… zero proof, just piss and vinegar.

Why don’t you use a proxifier to restrict any outgoing connections of the app except for these addresses:

  • steamcommunity.com
  • store.steampowered.com
  • api.steampowered.com
  • login.steampowered.com

Alternatively, you could use virtualbox with a firewall and/or proxifier that only allows outgoing connections to the mentioned addresses.

If the application is malicious, your data won’t go anywhere.

Btw im talking to users that ARE NOT programmers, to normal steam users, traders. You cant create post and claim that you are virus free (specially if virus total flagged you 3 time, 3 TIMES!!!!)

therepower commented 1 year ago

Akamai is CDN of steam, copy url of any image on steam and you can confirm https://prnt.sc/ZqkX6nQ4sahY

The three detections you mentioned are from trash antiviruses, upload original SDA.exe you will see same result, they show malicious because these files are not signed by a company.

FusionJura commented 1 year ago

Akamai is CDN of steam, copy url of any image on steam and you can confirm https://prnt.sc/ZqkX6nQ4sahY

The three detections you mentioned are from trash antiviruses, upload original SDA.exe you will see same result, they show malicious because these files are not signed by a company.

Okay bro, you don't have to be angry. It is very suspicious because many people are offering their fork of authenticator.

Many people are falling for those scams

FusionJura commented 1 year ago

sorry for attacking fork of git projectcs, but you have to understand my perspective.

The project stopped working and suddenly new git projects appeared that supposedly fix the problem. This is normally an instant red flag, because users are desperate for an authenticator that works, they'll download anything.

therepower commented 1 year ago

Akamai is CDN of steam, copy url of any image on steam and you can confirm https://prnt.sc/ZqkX6nQ4sahY The three detections you mentioned are from trash antiviruses, upload original SDA.exe you will see same result, they show malicious because these files are not signed by a company.

Okay bro, you don't have to be angry. It is very suspicious because many people are offering their fork of authenticator.

Many people are falling for those scams

I'm not angry :D just wanted to explain it to you