'TWITCH MALWARE'
It's actually a steam community thing...
That's just stupid, valve needs to get on this
[QUOTE=Scratch.;45962387]'TWITCH MALWARE'
It's actually a steam community thing...
That's just stupid, valve needs to get on this[/QUOTE]
It's actually a Java thing.
It's actually an HTML thing.
Just nerd things.
It's actually a binary thing. What beats a Royal Flush? I think thats game over.
"If viewers take the bait, they are invited to [b]fill in their name and email address[/b] which then allows the malicious software to gain control, allowing it to:"
..
Do people still not know what phishing is? This has been going on for such a long time...
I do not understand how a problem with Twitch can allow all those things to happen in Steam.
Are Twitch and Steam married or something?
[QUOTE=tirpider;45963509]I do not understand how a problem with Twitch can allow all those things to happen in Steam.
Are Twitch and Steam married or something?[/QUOTE]
Not really but
[url]http://blog.twitch.tv/2013/07/link-twitch-to-your-steam-account/[/url]
Not related to thread though
[quote]
Take screenshots
Add new friends in Steam (a gaming shop and community commonly linked to Twitch accounts)
Accept pending friend requests in Steam
Initiate trading with new friends in Steam
Buy items, if user has money
Send a trade offer
Accept pending trade transactions
[/quote]
[img]http://5crat.ch/a/98ys[/img]
Quick fix would be to revoke access to whatever platform
I see the convenience that folks would enjoy.
Seems like Steam would be hot to fix something so easily exploitable.
Or at least disallow Twitch as a trusted thing to link your account to until it's sorted out.
Kinda makes Steam look bad if they don't take steps to protect their customers.
Well, Tirpider, I love Valve, but they're sort of incompetent when it comes to Steam and customer service, what with the greenlight games and other shady stuff making it through, not getting removed unless it explodes on Youtube that points a fat finger at them.
I dig them too.
Hope they man up and handle it.
This has absolutely nothing to do with either Steam or Twitch having security vulnerabilities, it's just stupid people getting tricked into running a java app on a shady website that then proceeds to install malware on your computer. That malware then automatically sells everything in your inventory, empties your steam wallet by purchasing expensive items and gifts them to the scammers running this thing. There isn't much that either Twitch or Valve can do against this sort of thing apart from warning their users not to visit shady websites.
You should read the original article instead of this poor BBC report on it that fails to mention the most important parts: [url]http://www.f-secure.com/weblog/archives/00002742.html[/url]
[QUOTE=pebkac;45968664]This has absolutely nothing to do with either Steam or Twitch having security vulnerabilities, it's just stupid people getting tricked into running a java app on a shady website that then proceeds to install malware on your computer. That malware then automatically sells everything in your inventory, empties your steam wallet by purchasing expensive items and gifts them to the scammers running this thing. There isn't much that either Twitch or Valve can do against this sort of thing apart from warning their users not to visit shady websites.
You should read the original article instead of this poor BBC report on it that fails to mention the most important parts: [url]http://www.f-secure.com/weblog/archives/00002742.html[/url][/QUOTE]
Why isn't Java click to play or completely disabled by default these days? Its only purpose on the modern web is being vulnerable to 0-days.
[QUOTE=SteveUK;45968701]Why isn't Java click to play or completely disabled by default these days? Its only purpose on the modern web is being vulnerable to 0-days.[/QUOTE]
Isn't it? On firefox at least, I need to [URL="http://i.imgur.com/gdokhLF.png"]activate it[/URL] on each app that tries to run. (Might have been me messing around with the config, so I'm not sure)
[QUOTE=Coment;45968786]Isn't it? On firefox at least, I need to [URL="http://i.imgur.com/gdokhLF.png"]activate it[/URL] on each app that tries to run. (Might have been me messing around with the config, so I'm not sure)[/QUOTE]
Not on Chrome unless your plugin is out of date.
[QUOTE=tirpider;45964556]I see the convenience that folks would enjoy.
Seems like Steam would be hot to fix something so easily exploitable.
Or at least disallow Twitch as a trusted thing to link your account to until it's sorted out.
Kinda makes Steam look bad if they don't take steps to protect their customers.[/QUOTE]
Can't really fix user incompetence.
Sorry, you need to Log In to post a reply to this thread.
