Valve has introduced new security measures for developers to crack down on cyberattacks that revolve around malicious actors and hackers taking over Steam developer accounts in order to add malware to game builds. As part of the new security measures, developers will now need to confirm their identity to Valve through SMS when deploying new builds for their games.
Word of the new security measures were revealed thanks to Simon Carless of the GameDiscoverCo newsletter. As caught by PCGamer, Carless posted a screenshot of a message from Valve that states that it has alerted developers whose accounts have been compromised by hackers.
Valve has detailed its new security measures through a blog post, where it elaborates on the new SMS verification, which clarifies that developers will only need to verify their identity when pushing a build to the default branch, and only if their game is released.
The blog post also further elaborates on developers can use various tools to deploy their builds, like steamcmd and SetAppBuildLive, and how developers will be able to verify their identity through these tools.
Wondering why Steam devs will have to confirm via SMS before publishing new game versions or adding users? (https://t.co/EIyLHyA02N….) Looks like it’s related to hackers taking over Steam dev accounts & adding malware to game builds. (Screenshot via @SteamDB from Sept. 2023.) pic.twitter.com/WfjGiHdhxm
— Simon Carless (@simoncarless) October 10, 2023