news 
Hacking Gamers: First-Person Shooters Targeted By New Browser Attack
Gamers of first-person shooters, beware! Hackers have been targeting you in a newly discovered campaign that uses browser-in-browser attacks to compromise Steam accounts. The malicious actors are specifically targeting players of Counter-Strike 2, with the aim of stealing credentials and selling the compromised accounts on the black market.
The attackers use fake but realistic-looking browser pop-up windows to lure victims into logging into their Steam accounts. These pop-ups display a real site URL, such as Steam’s login page, to create a sense of trust. The hackers have even been using brand impersonation, specifically targeting professional eSports team Navi, by offering “free skins” in exchange for a log-in attempt.
Once the victim attempts to log into the fake Steam portal, the attacker steals their credentials and aims to take over the account for resale. This is not a trivial matter, as the value of compromised accounts can be staggering. In some cases, accounts with a large number of games and DLCs (downloadable content) have been sold on the black market for up to $30,000.
It’s important to note that this attack seems to target desktop users more so than mobile devices, as the pop-ups are designed to be most convincing at larger resolutions. So, gamers should be aware of their surroundings and take steps to protect themselves from these attacks.
How can you avoid falling victim to this browser-in-browser attack? The key takeaway is to never trust a URL bar that cannot be moved outside of the browser window. If you see a pop-up with a URL bar, try dragging it outside of the browser. If it’s stuck and won’t budge, then it’s likely a fake and you should exercise extreme caution.
Remember, gamers, your Steam account is only as secure as the precautions you take to protect it. Always be vigilant when logging into your accounts online, especially if you’re prompted to enter your credentials on an unfamiliar website or pop-up window.
Source: https://www.forbes.com/sites/daveywinder/2025/03/26/hacking-gamers-first-person-shooters-targeted-by-new-browser-attack/
