Valve has added extra security measures for developer accounts on Steam after hackers updated several games with malware.
The attack was swiftly prevented, and the games affected were owned by less than 100 players, who were promptly sent an email from Valve warning them of the attack. Now, as PC Gamer reports, the company is introducing new two-factor authentication methods for developer accounts on Steam in order to ensure similar, more egregious attacks don’t happen.
While less than 100 affected users doesn’t sound too severe, those affected may view it differently. Developer Benoît Freslon, creator of a game called NanoWar: Cells VS Virus, took to Twitter to explain that the hackers had taken control of his browser access tokens, essentially granting them access to any service he’d been logged into.
The new security measures are a “necessary tradeoff for keeping Steam users safe and developers aware of any potential compromise to their account,” Valve stated to PC Gamer, adding that it had also seen “an uptick in sophisticated attacks” on developer accounts recently.
It’s likely that these new security measures, which will go live on October 24, weren’t just a knee-jerk reaction to this most recent malware strike. Valve notes in its Steamworks post on the matter that developers will require a phone in order to receive text messages to pass two-factor authentication.
That may be a little irksome for developers who don’t like to use their phones for work purposes, but if it’s to prevent similar attacks potentially affecting some of the best Steam games in the future, then it’ll certainly be a necessary deal. Especially so, if what Valve says about an uptick in malware attacks is true.
Valve’s new security measures may prove frustrating for developers at first, but will hopefully allow extra protection for the best PC games and best free games on Steam you can play in 2023.
