Steam just announced very troubling news: its economy of traded items and collectibles with real-world money value is under attack from hackers. One of the many great points about Steam, the gaming platform developed by Valve Software, is that you can get real-world gains for playing a game constantly or even participating in one of the annual events. These gains can turn to some serious cash for some.
But all that is compromised when Valve released a blog post saying that hackers are systematically breaking into accounts to pillage items storage. The problem had become so bad that Valve admitted that they have received 77,000 hacking issues per month.
The Next Web reported that Steam believes that no Steam account is safe from hacking teams working within Steam. They released this statement:
The "I got hacked" story is told so frequently it's become commonplace. And that makes it easy to forget its significance; compromised security of email accounts and PCs, Steam account violation, and theft. We used to hold the opinion that if you were smart about account security, you'd be protected-it's easy to assume that users whose accounts were stolen were new or technically naïve users who must be sharing their passwords or clicking on suspicious links. That's simply not the case.
The fact that many Steam users do not even activate the two-factor verification for their own security makes hacking all the more easier. To address this, Steam has rolled out the logic trade holds and how they work.
Anyone losing items in a trade will need to have a Steam Guard Mobile Authenticator enabled on their account for at least 7 days and have trade confirmations turned on.
Otherwise, items will be held by Steam for up to 3 days before delivery. If you've been friends for at least 1 year, items will be held by Steam for up to 1 day before delivery.
Accounts with a Mobile Authenticator enabled for at least 7 days are no longer restricted from trading or using the Market when using a new device since trades on the new device will be protected by the Mobile Authenticator.