diff --git a/indicators/steam-tu2yq4ic.yml b/indicators/steam-tu2yq4ic.yml
new file mode 100644
index 00000000..ca2b548e
--- /dev/null
+++ b/indicators/steam-tu2yq4ic.yml
@@ -0,0 +1,27 @@
+title: Steam Phishing Kit tu2yq4ic
+description: Steam Phishing Kit that uses a fake Steam login window to steal user credentials.
+
+references:
+  - https://urlscan.io/result/21e56cd4-f042-4856-86cb-192372b403b7
+  - https://urlscan.io/result/f77fb88a-d6cc-4355-92e5-0527ddd5cf00
+  - https://urlscan.io/result/0a4bd282-305a-47cc-b239-c251d53f7382
+
+detection:
+
+  warning:
+    html|contains: 
+      - '<div id="NotLoggedInWarning" class="modal_frame">'
+
+  breadcrumbs:
+    js|contains|all:
+      - 'vgywykkm.uq'
+      - 'lppfocvr.fo'
+      - '.oxisae'
+      - '.zooms'
+      - '#groobly'
+      
+  condition: warning and breadcrumbs
+
+tags:
+  - kit
+  - target.steam