I accidentally got a virus, possibly a Lumma Stealer, that my Windows Defender detected and I deleted. However, the issue persists; someone keeps logging into my Steam and EA accounts, even after I've changed the passwords! What's confounding is that they're bypassing my Multi-Factor Authentication (MFA). How can that be? I even changed passwords for all my email accounts.
What's even stranger is when I lost access to my Steam account, I saw my emails get deleted in real-time. Do they have access to my email? How is that possible? After reinstalling Windows a week ago, I woke up today to find my Steam account hacked again and my Riot ID taken by them, along with a deleted email notification that I only saw on my watch but not on my PC. Does this mean they have access to my email? Why haven't they changed the email password?
What steps should I take now? I've tried scans with Malwarebytes, Kaspersky, and Windows Defender, but nothing is flagged, and I keep losing access to my accounts, especially with emails linked to the hacked accounts getting deleted. It's worth mentioning that when I wiped Windows, I didn't touch the second drive. Does that matter? I've read that you need to delete the primary partition when reinstalling. Thanks for any help; I'm at my wit's end!
3 Answers
Lumma Stealer is sneaky; it targets saved passwords and session tokens. Whenever you suspect a breach, it's crucial to change all your passwords and force log out from all devices. Just deleting stuff won’t cut it, especially if the malware stored in your system is still lurking. Consider checking all devices you logged into for unauthorized sessions, and evaluate if any of your software is compromised.
Sounds like a tough situation! You mentioned doing a factory reset instead of a clean install. Are you sure you wiped both drives during that reset? If you're still getting hacked, it might mean that there’s still some malicious software lurking in your secondary drive or another device that’s connected to your accounts. I would recommend doing a thorough clean install on all drives. Just make sure to back up important files first and scan them for viruses!
I think I might have only reset the Windows drive. Should I wipe everything? What if I need files from the second drive?
It might be a rootkit causing these issues. I'd suggest you get a new storage device to be safe. Rootkits can be really tricky, and they can hide very well. If you've got critical data on your second drive, it would be wise to back it up after thorough scanning.
You really think that’s necessary? Can’t I just reset it somehow? Does this apply to the secondary drive too?
But if I deleted everything, how are my accounts still getting hacked? I feel like there’s more to it.