All Discussions > Steam Forums > Help and Tips > Topic Details
EnzyWeiss 6 hours ago
WTF? Strange unauthorized game launches and account activity
Yesterday, while I was playing, I got logged out of Steam. When I logged back in, I noticed that the game Rust had been running for 4 minutes. I haven’t launched this game in years, and it isn’t even installed on my PC. Somehow, someone accessed my account and started this game.

I checked my authorized devices on Steam — all my devices are visible, and there are no unknown devices. I also looked at my account sessions and noticed some strange logins. This has never happened before, and I double-checked my session history.

Some additional context:

  • I do not have the Steam API enabled.

  • I have two-factor authentication enabled.

  • I received no login notifications.

  • Some of these sessions occurred on days when my computer was completely off.

  • I received no login notifications or alerts about these sessions.

I already logged out from all devices and changed all my passwords. Yet, the same thing happened again last night — someone is still accessing my account.

The only unusual thing I did was use a piece of software a week ago to access Battlefield 6 in my country:
https://github.com/xModern54/zapret-bf

That’s the only thing I can think of that might have caused this. Since there are no unauthorized devices listed, it looks like some kind of authentication tokens were stolen, though enough time should have passed for them to expire.

On top of that, I’ve received emails from noreply@steampowered.com
about points being deducted to other profiles. No points were actually lost, but the messages are real Steam emails.

I really don’t understand what is happening. Has anyone experienced something similar? Could my account still be compromised? And how its possible?
Last edited by EnzyWeiss; 6 hours ago
< >
Showing 1-3 of 3 comments
d3str0y3r 6 hours ago 
Seeing as stuff it still happening on your account someone clearly still has access. Re follow the steps and do not skip any of them.

Follow these Steps to secure your account.
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://gtm.steamproxy.vip/dev/apikey (there should be nothing in the API Key)
#1
EnzyWeiss 6 hours ago 
I've done all this, but I'm still seeing strange sessions, so I'm writing here. I have no backup codes, and no strange devices...

It looks like the authentication tokens were stolen, but how is that possible if the session is still active?

there is no way to kill sessions...
#2
Chronocide 6 hours ago 
Originally posted by EnzyWeiss:
Yesterday, while I was playing, I got logged out of Steam. When I logged back in, I noticed that the game Rust had been running for 4 minutes. I haven’t launched this game in years, and it isn’t even installed on my PC. Somehow, someone accessed my account and started this game.
.....
I already logged out from all devices and changed all my passwords. Yet, the same thing happened again last night — someone is still accessing my account.
Try a different game to verify if it's specific to that game or is every game.
#3
< >
Showing 1-3 of 3 comments
Per page: 1530 50

All Discussions > Steam Forums > Help and Tips > Topic Details
Date Posted: 4 Nov @ 11:46pm
Posts: 3
Start a New Discussion

Discussions Rules and Guidelines