Steam account hijacking 'bug' fixed by Valve

by
Alex Hern
from Technology | The Guardian on (#FJXW)

Requesting password recovery email allowed attacker to gain access to gaming accounts without needing password or access to email account

PC gaming platform Steam has fixed a bug that allowed anyone to steal a user account by being armed with nothing more than the account's username.

The bug affected Steam's password recovery process for four days, from 21-25 July, and was excruciatingly simple: an attacker could try to log-in to someone else's Steam account, and ask for a password recovery email to be sent out.

Continue reading...

rc.img

rc.img

rc.img

a2.img
ach.imga2t.imga2t2.imgmf.gif
External Content
Source RSS or Atom Feed
Feed Location http://feeds.theguardian.com/theguardian/technology/rss
Feed Title Technology | The Guardian
Feed Link https://www.theguardian.com/us/technology
Feed Copyright Guardian News and Media Limited or its affiliated companies. All rights reserved. 2024
Reply 0 comments