Criminals are using a new type of phishing to steal Steam accounts and resell them. Experts call this a browser-in-the-browser attack: the login screen appears as a pop-up inside the page.
The new technique was discovered earlier this year by a researcher using the pseudonym the master. It now appears, from research by security company Group-IB, that the technique is being used to intercept Steam account credentials. As with well-known phishing techniques, the victim is redirected to a fake website created by the attacker. That is also the case in these attacks on Steam users: victims are lured to a Counter-Strike tournament website and must log in with their Steam account.
Normally, the SSL certificate and the URL often show that a site is not legitimate. With the browser-in-the-browser technique this is often hard to see, because the phishing site uses JavaScript to display a login pop-up that is almost indistinguishable from the real Steam login window.
The window can simply be moved around within the open tab. In addition, the URL shown in the fake window is the legitimate one, and the green padlock of a correct SSL certificate is displayed. Only when the victim closes the first window does it become clear that the pop-up is part of the current page.
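Because the fake window is only markup inside the page, its "address bar" is ordinary page text, and that can be checked. The following added example (not code from Group-IB or the researcher) flags a page region that contains a password field together with a displayed hostname that differs from the page's real host. The node shape, the function names and the host `tournament.example` are assumptions made for illustration.

```javascript
// Constructed sample: a tournament page that draws a fake "Steam" window in its own DOM.
// Nodes are plain objects ({tag, id, type, text, children}) standing in for DOM elements.
const samplePage = {
  tag: "body", children: [
    { tag: "h1", text: "Join the tournament" },
    { tag: "div", id: "login-overlay", children: [
      { tag: "div", text: "Steam" },
      { tag: "div", text: "https://steamcommunity.com/openid/login" },
      { tag: "form", children: [
        { tag: "input", type: "text" },
        { tag: "input", type: "password" } ] } ] } ] };

// Matches hostnames that appear as visible text, with or without a scheme.
const HOST_RE = /\b(?:https?:\/\/)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?=[\/\s:]|$)/gi;

// Gather the visible text of a subtree and whether it holds a password field.
function collect(node, out = { text: [], hasPassword: false }) {
  if (node.text) out.text.push(node.text);
  if (node.tag === "input" && node.type === "password") out.hasPassword = true;
  for (const child of node.children || []) collect(child, out);
  return out;
}

// The browser draws a real pop-up's address bar outside the page. A hostname rendered
// inside the page, next to a password field, that differs from the page's own host
// is therefore an imitation address bar. Reports the innermost such container.
function findFakeLoginWindows(root, pageHost) {
  const findings = [];
  (function walk(node) {
    const before = findings.length;
    (node.children || []).forEach(walk);
    if (findings.length > before) return; // already reported deeper in the tree
    const info = collect(node);
    if (!info.hasPassword) return;
    const hosts = new Set();
    for (const t of info.text)
      for (const m of t.matchAll(HOST_RE)) hosts.add(m[1].toLowerCase());
    const foreign = [...hosts].filter(
      (h) => h !== pageHost && !h.endsWith("." + pageHost));
    if (foreign.length)
      findings.push({ container: node.id || node.tag, displayedHosts: foreign });
  })(root);
  return findings;
}

console.log(findFakeLoginWindows(samplePage, "tournament.example"));
```

In a browser extension the same walk would run over real DOM elements with `location.hostname` as the page host; a genuine login form on the real site produces no finding because the displayed host matches.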
As soon as the victim successfully logs in through the fake window, the criminals can gain access to the Steam account. So as not to alert the victim, a successful login redirects them to the tournament entry confirmation page.