From now on, developers will have to confirm their identity via SMS to update their games on Steam
Valve has begun to actively implement new security measures to combat cyberattacks that attempt to gain access to developers' Steam accounts to add malware to their projects. The new approach requires developers to verify their identity before rolling out new game builds via SMS.
Wondering why Steam devs will have to confirm via SMS before publishing new game versions or adding users?(https://t.co/EIyLHyA02N....)Looks like it's related to hackers taking over Steam dev accounts & adding malware to game builds. (Screenshot via @SteamDB from Sept. 2023.) pic.twitter.com/WfjGiHdhxm
- Simon Carless (@simoncarless) 10 October 2023
Here's What We Know
This information was disclosed by Simon Carless from the GameDiscoverCo newsletter. And PCGamer found a screenshot of a message from Valve, in which it informs developers whose accounts have been compromised by attackers about new measures.
Valve provides a detailed description of the new security measures in its blog post, explaining that developers must verify their identity using SMS verification only when moving a build to the default branch, and this only applies if they are releasing their game.
The blog post also discusses various tools that developers can use to deploy their builds, such as steamcmd and SetAppBuildLive. It also explains how developers can verify their identity when using these tools.
Source: GamingBolt with reference to PCGamer and Simon Carless