Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
Discussions Rules and Guidelines
13 
Report this post
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://steamhost.cn/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://steamhost.cn/twofactor/manage
5. Revoke the API key https://steamhost.cn/steamcommunity_com/dev/apikey (there should be nothing in the APIKEY)
I understand that it's upsetting to hear that we can't restore your items. I also know that your items are valuable to you but Steam Support does not restore scammed, lost, or stolen items for any reason.
If you haven’t yet, please take a look at our security recommendations article, which outlines ways you can protect your account and what to watch out for.
As previously stated, if the items were Trade Protected, you may evaluate and begin the process of reversing eligible trades through your Trade History page.
On the other hand, I've reviewed the account's security history and it looks like the hijacker accessed your account on July 18 (PST).
They knew your account name and password. In most cases, hijackers get this information through phishing sites. These sites look legitimate and are often tied with trading or tournaments but are intended to steal your login details - sometimes the malicious sites can even look like the Steam.
On the same day, they transferred the authenticator to their own device - doing this required an SMS code sent to your phone number at 17:50:46 (PST). I can see on our end that you were alerted for it. Transferring the authenticator reduces the trading restrictions to 2-days (rather than the normal 15-days). Since the hijacker had full access to your account and the authenticator, they were able to submit the trade and confirm it using the mobile app that they transferred the authenticator to.
Since it's unlikely they had direct physical access to your mobile device, this means the code was somehow provided or even intercepted.
Thus, while on your end it appeared as if there was no confirmation required; this was actually due to the hijacker having full control over the account, and being able to approve said activity from their end (in which you wouldn't see).
Again, I'm sorry we are not able to restore your items.
Steam Support
Apryle