ValveSoftware / Dota2-Gameplay

Public Bug Tracker for Dota2

steam-backend exploit #12368

Open Luuzzi opened 11 months ago

Luuzzi commented 11 months ago

Hello, my message is not directly related to steam-for-linux; it concerns the entire architecture of the Steam backend. Unfortunately, there isn't a specific tracker where I can publish my message, so I'm posting it here.

I believe a group of individuals has assembled a sort of botnet, which they are using to carry out attacks on Steam clients of streamers or professional gamers. I cannot debug the packets to pinpoint the issue and determine the exact tools they are using because it hasn't affected me, and unfortunately, I cannot contact those who have been affected by it.

However, I have a few assumptions. I'm not familiar with the steam-client architecture, but it seems that malicious actors are exploiting a vulnerability and sending a flood of garbage packets. I can't specify the exact nature of these packets, but it's clear that this is happening through Steam servers because the victims' internet connections remain unaffected; they just can't play online games via the Steam platform. Perhaps it's some kind of "invisible" packet, such as a notification that you've been added to a blacklist or something similar. There are hundreds of such mechanisms. Because a large number of clients have turned into a botnet, the malicious actor(s) simply send these requests in thousands to specific streamers/professional players' accounts. The packet processing queue starts to slow down all other mechanisms, causing issues with the client.

I think a reasonable solution would be to limit the sending of such packets to one user profile. For example, when the Steam backend detects that a multitude of similar packets are being sent to a specific profile, it could start restricting the sending to stop the spam and normalize the queue.

I wouldn't want to see this malicious software at the upcoming TI, as Valve could suffer reputation damage. By the way, this bug has been around for about six months, but no one seems to be reacting to it. I hope for your understanding.

Best regards.

https://github.com/ValveSoftware/Dota2-Gameplay/issues/9529
https://github.com/ValveSoftware/Dota2-Gameplay/issues/11944
https://github.com/ValveSoftware/Dota2-Gameplay/issues/12022

Luuzzi commented 11 months ago

A small suggestion, if it's appropriate. Please check the topics I've sent, find the match IDs, and examine the profiles of the players who participated in those matches. If you have logs, you'll understand the specific action used to attack the Steam clients of the victims.

I would also advise blocking the entire botnet network that the perpetrators currently have because it's unclear what else they could do with it.

And please ensure that there are no similar mechanisms for attacking regular PC users because this botnet could eventually become public, leading to chaos. I still believe it would be sensible to impose limits on the number of packets sent within a specific time frame for each profile. This mechanism must be implemented in the Steam backend, and I believe there's no need to explain why.
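The per-profile limit proposed in the two comments above, sketched as an added example that is not part of the thread and not Valve's code: a sliding-window cap keyed on the receiving profile and message type, so traffic spread across many sender accounts is still counted together. The class and function names, the "notify" message type and the event data are all hypothetical and constructed for illustration.

```python
from collections import defaultdict, deque


class RecipientLimiter:
    """Sliding-window cap on messages of one type delivered to one profile,
    counted across ALL senders (hypothetical sketch)."""

    def __init__(self, max_per_window, window_seconds):
        self.max_per_window = max_per_window
        self.window_seconds = window_seconds
        # (recipient, msg_type) -> timestamps of delivered messages only,
        # so each deque never holds more than max_per_window entries.
        self._seen = defaultdict(deque)

    def allow(self, recipient, msg_type, now):
        q = self._seen[(recipient, msg_type)]
        # Drop timestamps that have aged out of the window.
        while q and now - q[0] >= self.window_seconds:
            q.popleft()
        if len(q) >= self.max_per_window:
            return False  # shed it: the queue for this profile stays bounded
        q.append(now)
        return True


def replay(events, limiter):
    """Return (delivered, dropped) counts per recipient."""
    delivered, dropped = defaultdict(int), defaultdict(int)
    for ts, _sender, recipient, msg_type in events:
        if limiter.allow(recipient, msg_type, ts):
            delivered[recipient] += 1
        else:
            dropped[recipient] += 1
    return dict(delivered), dict(dropped)


def constructed_events():
    # Constructed sample: 1000 distinct senders each send ONE message to
    # "victim" within 10 s, so a per-sender limit would never trigger.
    flood = [(i * 0.01, f"bot{i}", "victim", "notify") for i in range(1000)]
    # Ordinary traffic to another profile: one message every 5 s.
    normal = [(i * 5.0, "friend", "bystander", "notify") for i in range(4)]
    return sorted(flood + normal)


if __name__ == "__main__":
    print(replay(constructed_events(), RecipientLimiter(20, 10.0)))
```

Because the counter is keyed on the recipient rather than the sender, the other profile's traffic in the sample is untouched while the flooded profile is capped at the configured rate.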

Luuzzi commented 11 months ago

@kisak-valve it's not a Dota 2 problem, it's a Steam backend problem. We have not received a response for an extended period of time. Please take note of this issue. The attack also works in other games; it's impossible to play any multiplayer games like Dota 2, Counter-Strike, etc.

Luuzzi commented 11 months ago

@TobyFlendersonFromHR

They simply lack a proper hierarchy within the company, and problems emerge with a delay of five years or more. I remember getting burned by the issue where you could just forward a trade offer confirmation with a link, and someone else could confirm it on your behalf. I'm afraid to imagine how many people lost their valuable items (and money) as a result.

If this exploit were to become public, it would indeed spell doomsday for all multiplayer games on Steam. Right now, preventive measures are urgently needed. The situation is truly dire, and this problem needs to be brought to the maximum attention right away.

gedo19 commented 11 months ago

@Luuzzi Imagine they didn't even bother to read the issue and moved it to another repository

Luuzzi commented 11 months ago

It will be evident within the next few days; I'm not sure about their working schedule as today is the weekend. Perhaps, on Monday, someone will take notice. However, I have a second theory that they simply move all the issues (those they don't want to solve) to the Dota 2 repository, where they are subsequently ignored. Let's hope I'm wrong, and they will take some action.

gedo19 commented 11 months ago

Status: no one cares.

NoDaxxing commented 11 months ago

xd