They said a communications software seemed to have been the culprit that caused my account to be phished and hacked. This was done by hacking the email associated with my Steam account. This happened when I received a DISCORD INVITE LINK from Reddit (thread was reported to an admin and the thread was removed. Others reported similar issues).

I will not include the link but please be wary about discord invites in the future.

I do not know how it worked but after sending logs to Steam, today they confirmed that my statements were true about being forcibly hacked but they remain adamant on the stance that “I am responsible for it”. Even so, they will allow me to charge back and use the help ticket with the evidence I’ve provided them and after the fact removed the games they purchased from the account permanently without issue.

All except the money that was used on Tree of Savior.

I am bringing this to light because now Steam has confirmed with evidence (I’ve included it in the ticket) that I was hacked and admits this is the case but point blank tells me that I must consult with Tree of Savior about the issue and have them investigate it, as they do not control Tree of Savior. This means it’s up to the ToS Fraud and Investigation Unit to provide me a refund and reroll my acc to the day before this all happened.

I’m an old player who’s account had several valuables that were ripped from the account. Furthermore, my CARDS were used along with the other persons cards (which I’m filing a police report for and forwarding to Steam, since they have a trail since the hacker used his own CC on my acc). They took $691.98 USD and added about $134 of their own between various games, including Tree of Savior.

I’ve provided all the screenshots, including the admittance from Steam that I was hacked. Yet its been a few days since I’ve heard from Tree of Savior support. Is there any other way I can contact or get this more publicity?

AGAIN: Any evidence has already been placed in a ticket.

Edit: $691.98 on ToS. This isn’t including charges for Steam on other games that they GIFTED to other accounts.

Edit 2: A software engineer on Reddit highlighted to me that it forcibly signs me out of my emails and had forced me to resign in again, which is probably how the password was stolen. That the malware isn’t detected by (when he tested the logs) Anti-Malware or Virus protections until after you’ve attempted to log into anything WEB based using a password. I had Malwarebytes on at the time and Windows Microsoft Defender, which went undetected but didn’t quarantine the malware nor did it LET me run Malwarebytes. In fact, I had to reinstall my OS and completely exchange out 2 of my HDD’s.

Edit 3: Steam confirmed it’s from Discord invite with me. Sent evidence to TOS support team.

@STAFF_Yuri
@STAFF_Amy
@STAFF_Ines
@STAFF_Letitia
@STAFF_Bob
@Staff

What a mess, “luckily” the one that hacked you was a complete idiot

Yeah, because they put their CC information and whatnot on my Steam, I was able to file a police investigation with the help of Steam and PayPal who have been very compliant and told me to go through first Tree of Savior for refund and then I can proceed through Steam. If not I can issue a charge back and Steam will remove handle the situation accordingly and not ban me. They even gave a phone number for the investigators and the banks are following through with it.

this is the very reason why i don’t like connecting my steam account to anything >__<;;;;

at least when i get hacked, there’s only steam to blame for it

Yeah, they were apprehensive at first until they realized the full extent of the damage. To be honest, I’ve used this email explicitly for Steam for such a long time and this is the first occurrence of anything going wrong. Matter of fact, when I traveled to California with my wife, Steam blocked my account when I’d play with her there and hers when she played here.

So I’m super conflicted as to how ALL of this got through in the first place ):

I had 4 accounts and all accounts I cannot login the accounts in any server, I even tried my friends account from Brazil and still cant login! everything after this Update today, wtf is happening???

did you checked if you got banned? ‘w’ there are occurrences where multi account peeps are being autobanned by their automated screening

Sounds like you sold your account and tried to get it back. Sorry but there’s just too much going on here.

So you’re saying that they got your email–one you only used for this specific Steam account, for Tree, and that they also somehow got the CIDs to your credit cards (which you have to use for every gift purchase and purchases which exceed a certain amount)? Why, if you were smart enough to set up an email for this one Steam account, did you not think to enable 2-step authentication on it? Why would you have 2-step auth on your Steam Account, but not your email?

Where did you get this magic Discord link that logs you out of your email? Was it not a red flag when you clicked said link that it was asking you to log into your email again?

Was the ticket you put in with IMC answered? Or did it go to the email which you say was hacked?

What browser are you using that it did not warn you immediately that you weren’t on a secure site?

So many questions.

Did you get banned ?

@Csiko

Ask questions but don’t be so condescending. I’ll gladly share what information I’m willing to but I’ll have you trust that I’ve sent my support tickets and they’re being reviewed by ToS Support and Fraud team.

I use Opera as a web browser. Furthermore, I did set up two-step authentication. In fact, in my ticket to support – I sent Tree of Savior the screenshot of the talk with Steam where they admit that the two-step authentication can and was spoofed through Malware disguised as a communication software which could have been downloaded and installed at some point. This is how, Steam Claims, they spoofed the credentials and by-passed the two-step authentication. Asking me what that means is beyond me.

Irregardless, I’m sure the people at Steam who work on these sorts of issues are far more qualified than I am but their investigations turned up that I was indeed a victim of an account hijacking and handled it promptly by unbanning me and handing me back my account that I have been allowed to place on a new email.

The biggest mystery has been PayPal shutting down my account after the theft was reported which is where my cards were used. Whenever I’ve made a charge through paypal it has asked me to place in a password and then it will proceed to verify these charges.

I’m not sure if they used a password that was phished at some point in time or another but I highly doubt that they just magically by-passed it. It doesn’t work that way.

I am still talking to Steam through an open support ticket about the matter as well as PayPal.

My ticket to IMC was answered once and I’ve been updating the thread daily with conversations and evidence from Steam.

To answer your question, no. I did not get a red flag warning but I don’t imagine why you would find that hard to believe.

Every transaction OUTSIDE of Tree of Savior was refunded to me by Steam to my PayPal, which I’ve asked to mail checks to me instead of doing an instant deposit. I just feel safer about the matter that way, if you’re curious as to why.

[Album] Imgur

This is only one of a few more. The others have more personal information which I won’t place public, but this is where it all began when I started questioning them on the matter as to “what sort of malware and what phishing”.

Take it how you will and I understand your healthy skepticism but it genuinely did happen as I’ve explained here. Including the charges to my cards through Paypal.

I can also post the screenshot of their attempted use of the card in which it shows Declined several times before it went straight into PayPal. Everything else is more personal and I’d like for you to trust that the ToS team is competent enough to sift through the facts and b.s. to get to the bottom of it, just like Steam did when they gave me back my account, refunded my purchases made OFF of ToS, and am still unbanned.

Well, from the perspective of anyone reading this, what’s easier to believe?

That everything you say happened, or that you sold your account, which is why every single security feature protecting it had been disabled?

I’m not trying to kick you while you’re down or anything if what you say is true, I just hope you understand how unbelievable the story is.

Do you know what that usually means? Stolen CC was used, simple as that.

@Csiko

I understand. Hence why I included the screenshot of their investigations up there. You don’t have to take my word for it, you can take theirs. They literally tell you what happened. Unbelievable as it may be, their word. Have at them if you wanna challenge it.

My security features were removed thanks to Malware and you can stop even presuming it was because of selling an account.

Nope, I don’t know what that usually means because this is the first time this has happened to me period.