Possible Virus delivered by Steam Chat

[MaddAussie]

Guys

A quick heads up I've just been spammed by a Steam Chat from a freind that contained a link to a possible virus.

Links for a .jpg but it resolves to a .scr file. What ever you don dont open it, be safe out there.

https://www.virustotal.com/en/url/83...efde/analysis/

https://www.virustotal.com/en/file/d...is/1419978653/

Aussie

[Gerrard]

I read about this yesterday on Tom's Hardware: -

http://www.tomsguide.com/us/steam-ch...ews-20073.html

Going by the comments there, it's been around for a while. Luckily, I don't have any friends on Steam (by choice), so it's not a problem!

[Ferral]

Yeah, I got a load of links sent from KeyboardDemon here via chat, got the warning from Steam when I clicked the link and as soon as I did that it opened up and asked if I wanted to download a file so cancelled.

Literally it sends a link and under it shows WTF?!!!

[MaddAussie]

Yeah, I got a load of links sent from KeyboardDemon here via chat, got the warning from Steam when I clicked the link and as soon as I did that it opened up and asked if I wanted to download a file so cancelled.

Literally it sends a link and under it shows WTF?!!!

I didn't want to embarrass KD

[KeyboardDemon]

I'm not embarrassed, any other time and this wouldn't have got this far, but it's holiday season and I have a house full of kids, my kids and their cousins. They were playing Gauntlet on my PC and when they quit there was a message to look at a picture and one of the older kids wanted to investigate, I suspect he was hoping for boobs or something. Anyway, he apparently kept plugging away at the link, MaddAussie counted 14 hits on the WTF message.

I don't usually leave my PC while it is surrounded by a bunch of kids! lol. Anyway, perfect excuse to reinstall. Too busy at the moment, but hope to get it done over the weekend. Fingers crossed.

[MaddAussie]

If I'd know it contained boobs I would have opened it

[Ferral]

No, not at all, I would hope that if someone got that from me they would let me know on here publicly so anyone that got the messages was aware and I was made aware if I didn't already know.

I no way was that a name and shame type thing towards KeyboardDemon

[KeyboardDemon]

No, not at all, I would hope that if someone got that from me they would let me know on here publicly so anyone that got the messages was aware and I was made aware if I didn't already know.

I no way was that a name and shame type thing towards KeyboardDemon

It's all good. If I had an issue with it I would have PM'd you by now. Take the absence of a PM as a good thing. Happily, when it happened I got messages from MaddAussie, erudito87 and some of the ppl on Steam. I ended up having to send an apology and message letting people know I have an issue through chat. Luckily I don't have that many Steam contacts, less than 100, so all I had to do was paste send and close each chat window.

[darknessblade]

yeah it could be a virus, since hackers can hide lines of code behind images

if the files are larger than 4mb it is a hidden virus.

so dont open them.

they lead to a hacked steam account. and you will find all your items missing.

i had a steam bot too who wanted me to log in into a fake site.
malwarebytes antimalware gave a alarm already

[kentishh]

Lots of fake accounts are adding me recently which I just either block or ignore. If someone adds you that you havent played with recently then just be safe and block whoever tried to add you, chances are they will attempt to scam/hack you

[retromoustache]

Alas, this 'new' by method by phishers has become increasingly. Due to having open trades on games such as TF2 and sometimes CS:GO, I'm at certain points, constantly bombarded with these phishers (being bots most of the time) which post a random URL claiming to be a picture along with a message such as "WTF?!?!?"
Therefore, I usually block people if they have a Private Steam Profile (Steam Level 0), or have a profile with one game irrelevant to what game I want trades from. Some of these seem to have hundreds of hours (500+) on Dota 2.
I have once come across a friend who was hacked/scammed via this trick in which then sent me a phishing link. Usually, I ignore such links but do not delete them from my friendlist, as fortunately, for this friend, he was able to recover his account. However, items within his inventory was cleared. I do remember this anecdote now and then which does show the consequences of following these links.
A good site which I suggest if you haven't heard of it, is called SteamRep. Simply put it, users can check and report phishers on certain criteria.