Skip to content Dark Web Informer - Cyber Threat Intelligence
IOC

IOC Alert: Suspicious Steam Community URL Used for RAT C2

📖 Overview

A suspicious Steam Community URL has been identified that may be leveraged as a command-and-control (C2) channel for a remote access trojan (RAT). While the page masquerades as a legitimate Steam login portal, its infrastructure suggests malicious use. Confidence is assessed at 50%.


📌 Key Details

FieldInformation
TypeURL
Indicatorhttps://steamcommunity[.]com/id/tfy5d6gohu8tgy687r7
Threat TypeBotnet C2
Malwareunknown_rat
Confidence50%
Date08 Oct 2025 – 16:30:40 UTC
TagsNone
Reportertanner
ReferenceNone

🔎 URLScan Result



🛡️ Defensive Guidance

  • Block access to steamcommunity[.]com/id/tfy5d6gohu8tgy687r7 at DNS, proxy, and endpoint levels.
  • Monitor for suspicious Steam-related URLs being used outside of expected gaming behavior.
  • Hunt for RAT infection artifacts, including persistence mechanisms and anomalous outbound traffic.
  • Educate users on phishing risks related to gaming platforms and fake login portals.

⚠️ This IOC highlights the abuse of trusted gaming platforms like Steam as lures for credential harvesting and potential C2 operations.

Latest