📖 Overview
A suspicious Steam Community URL has been identified that may be leveraged as a command-and-control (C2) channel for a remote access trojan (RAT). While the page masquerades as a legitimate Steam login portal, its infrastructure suggests malicious use. Confidence is assessed at 50%.
📌 Key Details
Field | Information |
---|---|
Type | URL |
Indicator | https://steamcommunity[.]com/id/tfy5d6gohu8tgy687r7 |
Threat Type | Botnet C2 |
Malware | unknown_rat |
Confidence | 50% |
Date | 08 Oct 2025 – 16:30:40 UTC |
Tags | None |
Reporter | tanner |
Reference | None |
🔎 URLScan Result
- Verdict Score: 0
- Page Title: Sign In
- Screenshot: View Screenshot
- Result: Full Scan Report

📡 Related Intelligence
- VirusTotal Report: VirusTotal URL Report
🛡️ Defensive Guidance
- Block access to steamcommunity[.]com/id/tfy5d6gohu8tgy687r7 at DNS, proxy, and endpoint levels.
- Monitor for suspicious Steam-related URLs being used outside of expected gaming behavior.
- Hunt for RAT infection artifacts, including persistence mechanisms and anomalous outbound traffic.
- Educate users on phishing risks related to gaming platforms and fake login portals.
⚠️ This IOC highlights the abuse of trusted gaming platforms like Steam as lures for credential harvesting and potential C2 operations.