A nasty new Steam scam is currently making the rounds, and it goes way beyond the usual phishing links to hijack your entire PC. Scammers are tricking Counter-Strike 2 players into downloading malware that disables Windows security features and fakes the actual Steam client interface to steal hundreds of dollars in in-game items.

From what I was able to deduce by reading a detailed warning posted on the r/cs2 subreddit, the trap starts innocently enough. Players are invited to join a third-party Faceit match and told to download the platform’s anti-cheat software through a Discord bot.

Steam Support Ticket Possibly Compromised ( HELP )
byu/spxcyalien incs2

That bot actually delivers a highly malicious payload. Once installed, things get pretty bad. The malware deeply infects the system and logs the victim out of Steam.

When they log back in, the malware actively spoofs the native desktop application. According to the victim, their Steam client showed a fake, permanent VAC ban on their profile. It even displayed a fabricated Steam Support ticket right inside the app.

Spoofing the actual desktop app is a massive escalation. To force a panic, the fake support rep warned the user their account was facing an integrity reset. They were told to dump all their valuable weapon skins into a “safe” account immediately or lose them forever.

If you try to trade your items to a trusted friend, the malware automatically blocks that friend. It immediately substitutes a scam bot with the exact same name and profile picture to intercept your inventory.

The level of control it takes over Windows is starting to look like a massive headache. The infected user reported they could not open Windows Defender or visit any malware removal websites. Every attempt to access antivirus pages returned a secure connection error.

It goes deeper. The virus wiped out the “Reset PC” button in the Windows Recovery Environment. That alone is notable. The user ultimately had to partition their drive from the BIOS and reinstall Windows from a USB drive just to escape it.

The story was quickly cross-posted to the r/SteamScams community, where users called it one of the most intricate attacks they had ever seen. Scammers usually rely on fake browser windows or stolen session tokens. Injecting fake support tickets directly into the local Steam interface is a tough sell to catch if you are panicking.

steam-scam-post-reddit

For now, just remember that official platforms do not distribute software through random Discord bots. If a stranger asks you to download an executable file to play a match, ignore them and keep your account safe.

Featured image generated with AI

TechIssuesToday primarily focuses on publishing 'breaking' or 'exclusive' tech news. This means, we are usually the first news website on the whole Internet to highlight the topics we cover daily. So far, our stories have been picked up by many mainstream technology publications like The Verge, Macrumors, Forbes, etc. To know more, head here.

user-profile user-profile

Dwayne Cubbins
1475 Posts

For nearly a decade, I've been deciphering the complexities of the tech world, with a particular passion for helping users navigate the ever-changing tech landscape. From crafting in-depth guides that unlock your phone's hidden potential to uncovering and explaining the latest bugs and glitches, I make sure you get the most out of your devices. And yes, you might occasionally find me ranting about some truly frustrating tech mishaps.

Comments

Follow Us