Post by NathanHunter » Sat Jul 25, 2020

Did some digging; this site is shady. The site is 3 days old, has a fake Steam login window, claims to be part of a Ukrainian IT company, has very broken English, and has multiple instances of conflicting information (location of server, company, and host IP). Additionally, they claim to have been around back in 2011 despite the domain registration being very recent.

Given the nature of the fake Steam login specifically, it is clear that the site commits a man-in-the-middle attack and gains access to data and the account. The spread seems limited to Steam messages, but that still leads to many accounts being compromised.

"m8, can u vote for my team csgo tho if we will get into top 1 (now in 2th place) i'll drop few keys as thanks?" This is a direct copy of the message I was sent from a compromised account. They seem to bot messages and use the new accounts to continue to spread across a wider base.

I tried to make and sign in with a burner account and didn't get past the site's logon page. They seem to screen Steam accounts for this and don't waste resources on them. I did a YouTube video covering as much as I could gather. Because of how new the scam is, though, there isn't much to uncover.

