My little brother downloaded a trojan I don’t know how long ago, I found out when I realized my malware bytes was gone for some reason, and when I got it back, I had 36 files sent to quarantine after the first scan! He tried downloading a mod for something, he is still afraid to tell me the truth. The hackers have been sending messages on steam and instagram, but I have 2FA on all of those and I get login alerts, what’s the point if they got through all of these?? What can I do besides changing my passwords?
Your machine is compromised, so the hackers are simply stealing the post 2FA session tokens from your computer. Basically, once you enter your password and complete the 2FA challenge, the server grants an access token to your computer so you don’t need to repeat the process for every interaction with that service. If there is malware on your computer, those tokens can be stolen and reused by nefarious actors.
2FA isn’t a foolproof system; it just makes it significantly harder for hackers to log in. And they’re basically piggybacking on your successful login to hijack your accounts.
Format the machine and change *all* your passwords.
(And don’t let your little brother use your computer again)
Great advice above but some additional advice. Some programs can be ‘authorized’ to access your account so depending on the platform, you may need to look for “connected services” and purge them.