Steam Security: Explained: How Steam is planning to stop hackers from pushing malware-laden game updates

0 53

To address a recent surge in malware distribution via hacked publisher accounts, Valve is enhancing security for developers on Steam. The company has introduced extra secure measures like SMS-based confirmation codes to safeguard both game publishers and players.
What is Steamworks and how is it involved
Steamworks is a set of tools and services that software developers use to distribute their products on the Steam platform.These tools and services are one of the core reasons for these security enhancements.
With Steamworks, game publishers can handle various aspects of their title, This includes DRM (digital rights management), multiplayer modes, video streaming, matchmaking, achievements system, in-game voice and chat, microtransactions, statistics, cloud saving and community-made content sharing (Steam Workshop).
In the last few months, a high number of compromised Steamworks accounts have been reported. Using these accounts, hackers are uploading malicious builds of the game that can infect players with malware.

In a note shared by Valve, the company assured the gaming community that the impact of these attacks was limited to a few hundred users. Steam-parent also noted that it sent individual notices to these users to inform them of the potential breach.

How Valve is planning to tackle the issue
Valve is set to enforce a new SMS-based security check starting on October 24 to solve the “compromised account” issue. In a blog post, the company confirmed that game developers have to pass this authentication before pushing an update on the default release branch. However, this verification system will not cover beta releases.
If someone tries to add new users to the Steamworks partner group, which is already protected by an email-based confirmation, will also have to go through this authentication system. Starting October 24, the group admins of respective channels have to verify the action with an SMS code.
Valve also noted that there will be no workaround for developers without a phone number. So, game makers need to find a way to receive text messages to continue publishing on the platform.
Read what the company has to say
“As part of a security update, any Steamworks account setting builds live on the default/public branch of a released app will need to have a phone number associated with their account so that Steam can text you a confirmation code before continuing. The same will be true for any Steamworks account that needs to add new users. This change will go live on October 24, 2023, so be sure to add a phone number to your account now. We also plan on adding this requirement for other Steamworks actions in the future.”

Source link

Denial of responsibility! YoursTelecast is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave A Reply

Your email address will not be published.