diff --git a/indicators/steam-JcQRrby.yml b/indicators/steam-JcQRrby.yml
new file mode 100644
index 00000000..adaf0086
--- /dev/null
+++ b/indicators/steam-JcQRrby.yml
@@ -0,0 +1,21 @@
+title: Steam Phishing Kit JcQRrby
+description: These are usually spread on Discord and are typically hidden under default Wordpress blogs.
+
+references:
+  - https://urlscan.io/result/9c91b94b-eaa4-4ed3-b6ff-67a65ecaadb0/
+  - https://urlscan.io/result/882799cc-0025-47e9-b8d3-41376a41e7c2/
+  - https://urlscan.io/result/ae8d6f7e-3848-407d-8f2e-9102e837c8a3/
+
+detection:
+
+  pageTitle:
+    title: "University cup"
+
+  siteLogo:
+    requests|contains: 'https://i.ibb.co/JcQRrby/nse.png'
+
+  condition: pageTitle and siteLogo
+
+tags:
+  - kit
+  - target.steam