Are funds leaving your HIVE wallet? Help us track where this cyber attack took place!
Are funds leaving your wallet outside of your control and being sent to the CoinEx exchange (@coinexdeposit) with the memo G6Y7pQgSeYgeu9P4KNXhYP?
Example:
This started about 3 weeks ago and it seems like quite a few accounts are affected. Most of these seem old and inactive accounts so perhaps the keys were compromised in an abandoned Steem application and someone got access to those keys (eg. sold on the dark web).
If you notice that some funds are being powered down and sent away from your wallet, immediately change your keys and please let us know where you think you could have compromised them so that we can keep investigating.
Where to report this issue and any clues that can help our investigation:
- Get in touch with these Hive witnesses that are looking into the matter:
@guiltyparties, @pfunk, @themarkymark
- Use the @hivewatchers's Discord
- or @keys-defender's Discord
To help you detect anomalous withdrawals from your account, the memo G6Y7pQgSeYgeu9P4KNXhYP was blacklisted by @keys-defender as if it was a phishing link.
So watch out for my flashy memo telling you about the issue!
FINAL RECOMMENDATIONS:
- If you haven't changed your private keys since the
Steemitdays, we strongly recommend you to do so! 👉 https://peakd.com/@YOUR-USERNAME/permissions > CHANGE PASSWORD
- If your recovery account is still @steem, change it or you won't be able to recover your account! 👉 https://peakd.com/@YOUR-USERNAME/permissions > RECOVERY ACCOUNT
- Never enter your private keys in any website that you don't fully trust.
Consider using only trusted login options like these:
Thanks for your cooperation,
Stay safe!
Service sponsored by @cryptoshots.nft, Full launch on Hive on August 21st !
play-to-earn 3D Shooter
( Starter pack and DOOM token 💥 )
Crypto Shots 1st Hive NFT is already LIVE in the game! 👉
It does look like a fair few people are affected. I thought it was more, but realised it was only those with the key you mentioned who had the problem. Still a nice amount of funds for someone to steal.
Be careful out there!
According to @hivewatchers, a total of 505 accounts are transferring with that memo and 99 of those were already blacklisted.
Your content has been voted as a part of Encouragement program. Keep up the good work!
Use Ecency daily to boost your growth on platform!
Support Ecency
Vote for new Proposal
Delegate HP and earn more
Que bueno que busquen una forma de solucionar e investigar esto, yo no tenia idea de que estaba ocurriendo.
Thanks for sharing.
The minute you think everything is safe this is when you look everywhere.
Glad someone is looking all the time.
!BEER
Posted Using LeoFinance Beta
View or trade
BEER.Hey @keys-defender, here is a little bit of
BEERfrom @pouchon for you. Enjoy it!Learn how to earn FREE BEER each day by staking your
BEER.- [!phishing command and universal script]
- [!scam, !unsafe and !info commands]
👉 Don't abuse them or you'll get heavy downvotes
- !phishing {link}
- !scam {link}
- !unsafe {link}
- !hacked @{user}
- !recovered @{user}
- !info
!!!
Ooopppssses!!! Someone I know had similar issue last week.
He noticed that his account was on powerdown and he sure didn't initiate the command. Luckily, he was fast enough to act and didn't lose so much.
I'm wondering how some of the inactive account holders will get wind of this info. If an inactive account is affected by this hack, it will be a banquet for the hacker 🙆♂️
It could also be that they were already hacked in the past and the attacker is only now taking out more funds. Hard to tell until we get any info from any affected users.
I guess @blocktrades should check it, just a concern citizen here
I'm sure he's very savvy about managing keys but yeah, probably should
Sometimes it's safer to keep a cold Owner key cold.