Posted on

Steam Profiles Vulnerability and What You Need to Know

The screenshot of a Steam Profile

Most probably you read about this since it happened because it became popular on the web and on Reddit, but if you don’t know, here I am to explain you what happened on Steam profiles recently, and how Valve fixed it.

The Issue

There was an issue, already fixed by Valve in a very short time, that was affecting profiles of users on Steam.

The issue was related to title on Steam profiles, and it was allowing people to inject malicious code in their own profiles, so that users visiting them, and clicking on links, would be redirected to fake sites that would infect their computers to steal data.

To be more specific, this was a XSS (Cross-Scripting) vulnerability, and it was very easy to exploit, in fact as soon as it became popular online, many users started creating profiles with the only intent to exploit them.

Is it Safe Now? Am I Infected?

As I already said, the vulnerability has been patched by Valve in a very short time, and profiles are now secure.

Even if it’s very unlikely that you have been infected, it’s never impossible.

If you are seeing weird activities on your Steam market, or with your Steam wallet, or any other weird activity that you don’t know about on your profile, there’s a chance that you have been infected.

For security, I suggest you to change your Steam password and to scan your computer with an anti-virus. Also, if you are not using it already, turn on the 2-Factor Authentication on Steam, known as Steam Guard, which asks you to use a one-time generated token from your mobile device to log in, in addition to your username and password.

If you are interested in reading the details of the vulnerability, you can check this post on Reddit.


If you like this article and want to see more and support me, consider following me on Twitch!

Leave a Reply
You have to agree to the comment policy.