Welcome to discussions

Quick Suggestions

  • gleb999gurbatov
    8 posts

    @longjohn119 ahahahah are u sure?) yeah, mb they get more money, cause the game industry has been developed, prices are extremely higher than years ago, + inflation. And the real count of ACV copies is a privat Ubisoft info

  • Kormac67
    625 posts

    @longjohn119 Another random and useless "information".
    Please explain

    • how is script code hidden in a picture's meta information supposed to get executed
    • what's the fundamental difference between a picture shown in the steam client and a picture shown in a browser from anywhere else from the internet, like the picture you embedded in your post in this forum
  • longjohn119
    551 posts
  • longjohn119
    551 posts

    @gleb999gurbatov Well if it's secret then how can you know they lost 30% of sales? If given a choice I always buy my games straight from the developer because all Steam does for many games is add another layer of DRM on top of the already existing DRM from the publisher. So I buy Ubisoft games from Ubisoft, Rockstar games from Rockstar, CDPR games from CDPR (GOG) and in the case of GOG I can completely bypass the launcher (Which doesn't add any DRM anyway) and start the game up directly from the exe. The more background apps you have running then less performance you get. Unfortunately with Live Service games that's not possible without losing features

  • Kormac67
    625 posts

    @longjohn119 Read my post again. I did not ask how the code is hidden, I asked how it is supposed to be executed.
    By posting a meaningless Google link you just prove you don't understand that part yourself, "25 years" or not.

  • longjohn119
    551 posts

    @kormac67 From the second link

    " The heavy lifting in the shape of downloading, unpacking and executing the malicious payload is handled by an external component which just accesses the profile image on one Steam profile. This payload can be distributed by the usual means, from crafted emails to compromised websites.
    The Steam profile image is neither infectious nor executable. It serves as carrier for the actual malware[2]. It needs a second malware[1] to be extracted. This second malware sample[1] is a downloader. It has the hardcoded password "{PjlD\\bzxS#;8@\\x.3JT&<4^MsTqE0" and uses TripleDES to decrypt the payload from the image."

    Now how I would do it and probably how they may eventually do it is put the second payload in a hacked game and once some idiot installs that "free" game on their computer it goes to the Steam image and executes that code which will most likely give them root access, shut down any virus scanners and then have an IP address to send the stolen user data to


  • Kormac67
    625 posts

    @longjohn119 If you can execute some code on someone's machine, that's all you need. The picture itself is harmless, and your "Steam deliveres malware" meme falls apart.

  • longjohn119
    551 posts

    @kormac67 Again you don't understand how this really works

    They separate it into two different payloads because alone each piece can slip by virus and malware scanners ..... So you have part of the payload in the Steam Profile where their own virus scanners OBVIOUSLY missed it and you put the other part in a hacked game or even make it downloadable just by visiting a compromised website where viruses scanners also miss it because alone it is harmless (or at least looks harmless).... So you have two undetectable pieces of code that look harmless but when put together form malware that is very dangerous that can turn off virus scanners on the host system and get root access .....

    Right now this potential trojan/virus is a work in progress but Steam needs to nip this in the bud and they have been warned by security specialists and are likely dragging their feet which is why these security specialists put it out there in public to force their hand and make them get on top of this before it becomes a problem. Steam has a history of ignoring warnings of potential security risks because doing something cuts into their Bottom Line (They aren't the only ones guilty, Microsoft used to have this problem too until a few years ago)

  • longjohn119
    551 posts

    @longjohn119
    November 7 2011 - The forums for Valve's Steam service were hacked. Redirects for a hacking website, Fkn0wned, appeared on the Steam users' forums, offering "hacking tutorials and tools, [censored], free giveaways and much more

    2014 - 2016 - Thousands of Steam accounts were compromised by "Steam Stealer" trojans that could be bought for as little as $3 American (200 Rubles) on underground Russian websites

    December 25, 2015 - "Valve releases a statement: Valve is having caching issues allowing users to view things such as account information of other users. Please don't use Store for now" Issue was caused by Valve misconfiguring their servers after a DDoS attack a few days earlier

    In the case of the Steam Stealer debacle Hackers also used a 2 stage payload system storing the second stage on Pastebin much like this one stores it in a Steam profile picture

    Steam Stealers - Research paper by Kapersky Labs Global Research and Analysis Team

Suggested Topics

Community Details

111
Online
142.3k
Users
25.1k
Topics
130.4k
Posts