The Browser-in-the-Browser attack technique is a prevalent phishing method in which a counterfeit browser window is drawn inside the active window, so that it looks like the login pop-up of the targeted service.
Steam accounts compromised through browser-based attacks.
Initially detected and reported by BleepingComputer in March 2022, this new phishing tool was likely developed by security researcher mr.d0x. With this toolkit, attackers can fabricate counterfeit login forms for Steam, Microsoft, Google, and various other services.
Continuing on this topic, today Group-IB released a report illustrating how a new campaign uses the Browser-in-the-Browser technique to target Steam users, and how it steals gamers' accounts.
These phishing attacks aim to sell access rights to users' Steam accounts, some of which are valued from $100,000 to $300,000.
Additionally, Group-IB's report points out that the phishing toolkit used in the campaigns targeting Steam accounts is not widely available on hacker forums or dark web markets. Instead, the tool is used privately by cybercriminals who connect through Discord or Telegram channels to coordinate their attacks.
Potential victims receive a link in a direct message on Steam inviting them to join a team for LoL, CS, Dota 2, or PUBG tournaments. The link redirects them to a scam website that resembles the site of an organization sponsoring and hosting esports competitions.
To join a team, visitors are required to log in with their Steam account. However, because the login window is created and displayed within the current page rather than opened as a separate browser window, it is very difficult to recognize this as a phishing attack. Moreover, the phishing page supports 27 languages: it detects the browser's language preference and loads the matching language resources.
After entering login credentials, the victim's screen will display a request for a 2FA code. If the second step fails, an error message will be displayed on the screen.
Conversely, if authentication succeeds, the user is redirected to a URL specified by the C2 server, usually a legitimate address, to reduce the chance that the victim notices the attack.
By this point, the victim's information has already been stolen and sent to the cybercriminals. In similar attacks, attackers hijack the Steam account and change its password and email address, making it difficult for the victim to regain control.
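Because the counterfeit login window described above is ordinary page content, its "address bar" is text inside the page rather than browser chrome. The following detection heuristic is an added example, not code from Group-IB's report or the phishing kit; the plain-object node shape, the function names and the sample page (hosted on the placeholder `tournament.example`) are assumptions constructed for illustration.

```javascript
// Heuristic: flag the innermost page element that both renders a URL as plain
// text (a drawn address bar) for a host other than the page's own host and
// contains a password field. Nodes are plain objects {tag, id, text, type,
// children}, an assumed stand-in for DOM elements so this runs outside a browser.
const URL_TEXT = /\bhttps?:\/\/([a-z0-9.-]+\.[a-z]{2,})/i;

function findFakeLoginWindows(pageHost, root) {
  const findings = [];
  function scan(node) {
    let hasPassword = node.tag === "input" && node.type === "password";
    const hosts = new Set();
    // Text typed into inputs is ignored; only rendered page text counts.
    const m = node.tag !== "input" && URL_TEXT.exec(node.text || "");
    if (m) hosts.add(m[1].toLowerCase());
    let childFlagged = false;
    for (const child of node.children || []) {
      const r = scan(child);
      hasPassword = hasPassword || r.hasPassword;
      r.hosts.forEach((h) => hosts.add(h));
      childFlagged = childFlagged || r.flagged;
    }
    const foreign = [...hosts].filter((h) => h !== pageHost.toLowerCase());
    const flagged = childFlagged || (hasPassword && foreign.length > 0);
    // Report only the innermost container, not every ancestor up to <body>.
    if (flagged && !childFlagged) findings.push({ id: node.id, displayedHosts: foreign });
    return { hasPassword, hosts, flagged };
  }
  scan(root);
  return findings;
}

// Constructed sample: a page whose in-page "popup" draws a Steam address bar.
function constructedPage() {
  return { tag: "body", id: "body", children: [
    { tag: "p", id: "intro", text: "Join our team for the tournament" },
    { tag: "div", id: "popup", children: [
      { tag: "div", id: "bar", text: "https://steamcommunity.com/login/home" },
      { tag: "form", id: "form", children: [
        { tag: "input", id: "user", type: "text" },
        { tag: "input", id: "pass", type: "password" } ] } ] } ] };
}

console.log(findFakeLoginWindows("tournament.example", constructedPage()));
```

A page that merely quotes another site's URL near its own login form would also be flagged, so treat a hit as a prompt to check the real address bar, not as proof of phishing.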
