Biggest hacking scandal of 2016


So the other day, my Steam account was stolen. By someone incredibly jealous, by my reckoning. I probably ruined them on Total War: Shogun 2 is my bet. I thought I’d document everything that happened on Twitter. If you follow me, you probably got fed up of the frequent tweets clogging up your feed. I documented it in this way so that I could look back at it and laugh, because it turned out to be a rather hilarious turn of events.

In recent weeks, I’ve been playing on my console a lot. With Christmas quickly approaching as well, I’ve struggled to find the time to power my PC on, never mind get stuck into a session on it. At some point last week, the urge finally overcame me and I fancied playing some good ol’ Real Time Strategy. I was toying between Total War: Rome II, Star Craft II and Company Of Heroes 2… all the sequels it seems. Anyway, I was going to load up Steam first and then see which game enticed me the most.

Only, I couldn’t log onto Steam. Password Incorrect? Rubbish.

So I did the old ‘Forgotten Password?’ trick and entered my username. It found me straight away and asked me to confirm the email address I wanted to send a reset email to. Plain sailing, right? Standard procedure and should be online within a couple of minutes? Wrong. This email address certainly wasn’t mine.

I then, begrudgingly, set about raising a case for a stolen account.

This wasn’t my first rodeo. As a youngling, I lost my Runescape account more times than I can remember, I’m still waiting for that Abyssal Whip and Obsidian Shield I was promised way back in 2006 come to think about it. So after emailing Steam and raising a case with them, I set about investigating myself.

This is where I thought to document it as well as I could on Twitter, so here are the chain of events in their chronological order…

I know, I know. How on Earth have I missed an email like this? Honestly, I havent a clue.

Obviously the IP was visible from the email; but in what context it was in, I hadn’t the foggiest.

Potentially. Of course, any hacker worth his salt would use precautions. The likes of VPN’s, proxies and other forms of internet anonymity aids.

Of course, the authorities would appreciate this. Me helping them out? Giving them a good idea of this international criminal is seeking refuge? Nah, I don’t think they’re all that interested.

Despite the Russian government’s lack of response, I was eager to find out more. The IP lookup had given me coordinates, I just had to see where this guy was.

Dont be silly, of course they don’t. They haven’t even sent a tweet in over 5 years…

But surely someone has some interest in this? No? Oh… ok then.

But just in case… here are the details!

Worryingly, it’s taken me well over 2 hours to think about checking my recent bank activity. Nothing. I hadn’t noticed any suspicious behaviour and thankfully after a good, hard look I couldn’t find any either.

The UN and the Russian authorities were too busy looking into my concerns to reply to this one.

I appreciate the severity of this, but 6 hours is a long time! Especially when you’re so eager to get online!

After 9 hours of patiently watching my inbox, I had to find a CD key. At this point I was safely tucked up in bed. I’d waited long enough already, so I decided that I could wait a little longer and deal with this in the morning! That’s if I could find a key knocking around somewhere…

Thankfully, I found a key that came with a graphics card from many moons ago. Printed the email, and hand-wrote my reference as per the instructions.

The waiting game began again, so I thought I’d conclude my investigation with some mug-shots. Unfortunately, I still haven’t got a positive ID yet. The Russian government seem to think it was Anatoly Cherdenko under an alias of Dmitry Vladimirovich, but they have been unable to locate his whereabouts. Apparently he’s escaped to the one place that hasn’t been corrupted by capitalism.

…and I thought that 6 hours was hard, 30 hours has killed me off! Do you know what’s worse? I think I would have gone with Star Craft II. Which doesn’t even run through Steam! Regardless, I’ve lost all desire now.

35 hours later. 35 hours! Its lesson learnt though. I’d recommend everyone who hasn’t already done so to set up Steam Guard on your account. Steam Guard is an additional level of security that can be applied to your Steam account. The first level of security on your account is your login credentials: your Steam account name and password. With Steam Guard, a second level of security is applied to your account, making it harder for your Steam account to fall into the wrong hands. When Steam Guard is enabled on your account, when you login to your Steam account from an unrecognized device you’ll need to provide a special access code to verify it’s your account. Depending on your Steam Guard settings, you’ll either receive an email with the special code or you’ll get it from the Steam Mobile app on your smartphone.

Massive thanks to Steam for sorting it out in the end, but screw you Dmitry Vladimirovich from Glazov. Screw you. I might post something like this on 4Chan and hope that someone is particularly bored. Fingers crossed that IP is the real deal!




2 thoughts on “Biggest hacking scandal of 2016

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s