Report: Steam Forums Down, Possibly Hacked

The Steam forums are offline, with a message to visitors declaring that they are undergoing maintenance, but some users are telling Eurogamer that the forums may have suffered a security breach. Currently the forums are displaying the following message:

"The Steam Forums are temporarily offline for maintenance," a message on Steampowered reads. "Your patience is appreciated."

Eurogamer received an email from one Steam user who said a group changed the text on the forum and spammed some users' email addresses. The group is reportedly from, a website that offers video game hacks, porn, etc. The group managed to deface the forums and some users reported receiving emails from with the following message:

"Ever wanted to dominate the servers you play on with guaranteed results, but you were too afraid to cheat because of ban risks? Visit [removed domain] It's safe, secure and undetected."

"Along with hacks, we've also got some general discussion sections, hacking tutorials and tools, porn, free giveaways and much more. This site has been conditioned to meet all your needs in terms of resources so be sure to take a look and tell us what you think."

"Thanks again, the fkn0wned team."

No one has claimed that user data has been compromised or that any Steam accounts have been breached. Valve has not publicly commented on this story.

Source: Eurogamer

Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone

One comment

  1. 0
    djnforce9 says:

    Thankfully the Steam forums use the vBulletin forum software which encrypts account passwords (using md5 with salt) in the database (I know since I've set up vBulletin forums before). This makes it absolutely impossible to decrypt them back into plain text again (the wonders of trap-door cryptography).


    The hackers could on the hand change people's forum (not Steam) passwords if they broke into the Admin Panel but that wouldn't accomplish anything useful. The worst it seems they've done is collected a huge list of user e-mails to spam and that's about it. Hopefully Valve can just roll back to the latest backup and things will work once again. I guess it depends on how the intruders broke in (phished an admin, found an exploit, etc) which determines how long it will take to prevent future incidents.

Leave a Reply