Report: Steam Forums Down, Possibly Hacked

November 7, 2011 -

The Steam forums are offline, with a message to visitors declaring that they are undergoing maintenance, but some users are telling Eurogamer that the forums may have suffered a security breach. Currently the forums are displaying the following message:

"The Steam Forums are temporarily offline for maintenance," a message on Steampowered reads. "Your patience is appreciated."

Eurogamer received an email from one Steam user who said a group changed the text on the forum and spammed some users' email addresses. The group is reportedly from FknOwned.com, a website that offers video game hacks, porn, etc. The group managed to deface the forums and some users reported receiving emails from Steampowered.com with the following message:

"Ever wanted to dominate the servers you play on with guaranteed results, but you were too afraid to cheat because of ban risks? Visit [removed domain] It's safe, secure and undetected."

"Along with hacks, we've also got some general discussion sections, hacking tutorials and tools, porn, free giveaways and much more. This site has been conditioned to meet all your needs in terms of resources so be sure to take a look and tell us what you think."

"Thanks again, the fkn0wned team."

No one has claimed that user data has been compromised or that any Steam accounts have been breached. Valve has not publicly commented on this story.

Source: Eurogamer

Posted in

Comments

Re: Report: Steam Forums Down, Possibly Hacked

Thankfully the Steam forums use the vBulletin forum software which encrypts account passwords (using md5 with salt) in the database (I know since I've set up vBulletin forums before). This makes it absolutely impossible to decrypt them back into plain text again (the wonders of trap-door cryptography).

 

The hackers could on the hand change people's forum (not Steam) passwords if they broke into the Admin Panel but that wouldn't accomplish anything useful. The worst it seems they've done is collected a huge list of user e-mails to spam and that's about it. Hopefully Valve can just roll back to the latest backup and things will work once again. I guess it depends on how the intruders broke in (phished an admin, found an exploit, etc) which determines how long it will take to prevent future incidents.

 
Forgot your password?
Username :
Password :

Poll

Have you visited a video game arcade in the last year?:

Shout box

You're not permitted to post shouts.
Papa MidnightThe Verge says the sequel to Flappy Bird is nearly impossible. http://www.theverge.com/2014/8/21/6053297/swing-copters-flappy-bird-sequel08/21/2014 - 12:22pm
SleakerPC-Gamer wrote an article on what's going on with the Minecraft stuff: http://www.pcgamer.com/2014/08/21/minecraft-bukkit-team-lead-tries-to-end-development-but-mojang-steps-in/08/21/2014 - 11:55am
SleakerEVE had a high-profile ban today: http://massively.joystiq.com/2014/08/20/eve-online-lottery-site-somer-blink-shutting-down/#continued08/21/2014 - 10:26am
SleakerBut where have all the Ethics gone?08/21/2014 - 9:08am
Sleaker@EZK - one of the bigger things is that since Mojang has owned Bukkit for 2 years now, people contributing to the project have basically been doing work for them pro-bono. On top of never formalizing support. They hid the fact probably to prevent support08/21/2014 - 9:07am
SleakerIf you've played on a server with mods/plugins, you've almost for sure played on a Bukkit-based server.08/21/2014 - 8:56am
SleakerHere's Bukkit's explanation attempt at shutting down due to EULA changes: http://forums.bukkit.org/threads/bukkit-its-time-to-say.305106/08/21/2014 - 8:55am
SleakerEZK - it's the largest server mod for MC, in actuality without it minecraft for sure would not have been as popular (#1 game now).08/21/2014 - 8:54am
SleakerTo the point that it seems they have completely lost what it means to be for-community, and having transparency. Along with dumping restrictive EULA's onto people.08/21/2014 - 8:53am
E. Zachary KnightWhat is Bukkit and why should I care?08/21/2014 - 8:53am
SleakerMinecraft community exploded again today. Apparently Mojang owns all of Bukkit, and never put out a statement saying as such 2 years ago when they acquired them. I have to say, their transition from indie has been rough.08/21/2014 - 8:52am
james_fudgeThere aren't many left in America08/21/2014 - 1:50am
MechaTama31I sure have. Dorky's barcade in Tacoma, WA.08/20/2014 - 5:56pm
Matthew WilsonI have not been to a arcade in years. I know arcades are still big in japan.08/20/2014 - 5:38pm
Sleaker@AE - Ah no it's called GroundKontrol - I was just referring to it as a Bar-Arcade.08/20/2014 - 4:39pm
Andrew EisenStill looking for confirmation that High Moon Studios (dev behind the PS3/360 versions) isn't working on it.08/20/2014 - 4:38pm
ZenGotcha.08/20/2014 - 4:37pm
Andrew EisenI already updated the story with it!08/20/2014 - 4:36pm
Zenhttp://www.gonintendo.com/s/235574-treyarch-isn-t-working-call-of-duty-advanced-warfare-for-wii-u-either08/20/2014 - 4:36pm
ZenLet me send the link for the Tweet as well...they state Treyarch is not working on it. Grabbing it now.08/20/2014 - 4:34pm
 

Be Heard - Contact Your Politician