The recent hack of my HIVE wallet was a well designed, multi-step scam using multiple, authentic-looking identities and web pages.
It’s clear the hackers had an intimate knowledge of the Steemit and HIVE platforms, the online user wallet setups, the multi-token economies and the access hierarchies of private keys and password requirements.
That said, let me make this clear:
Ultimately, it was my bad.
The hackers could not have pulled off the heist without my carelessness.
I’d never been hacked before — ever — and got complacent.
It was my laziness, apathy and arrogance that enabled the hackers to steal my HIVE and HBD tokens out of my online wallet.
And I take full responsibility.
“The Hackers’ Modus Operandi”
(image by YouTube)
The hackers targeted Steemit users with at least a rep of 40 and above (mine is 60).
That ensured that the user was on Steemit prior to the Tron vs. Steemit scandal and subsequent launch of the rival HIVE blogging platform last year.
They sent legit-looking, but bogus comments or replies that stated:
“Warning — you haven’t switched to Tron’s private keys and may lose your account”,
or -
“350 Steem for achieving your ‘elite’ reputation rating”,
or even -
“Claim your 350 Steem during Steemit’s 7th Year Anniversary Celebration”, etc.
The key point is that it requires your master password or private active key to get anything done (Tron update or claiming 350 Steem).
I looked up the user who notified me and saw nothing fishy.
I Googled the advantages of updating old Steemit keys to Tron and the disadvantages of not doing so.
Even the SteemConnect web page looked just like it has for years.
But as soon as I entered my key, I caught a glimpse of the URL:
It was SteemConnect.xyz — an obvious fake because of the “. xyz” extension.
Hurriedly, I changed my master password and private keys (this time, to the authentic l, upgraded Tron/Steemit system) and checked my Steemit wallet.
Phew! Nothing was missing. Crisis averted — I thought…
Thirty minutes later, I found out that the hackers used my old Steemit access — the same ones that HIVE used to mirror, migrate and create my HIVE account last year and of course, DID NOT BOTHER TO CHANGE) — to login as me and transfer (withdraw) everything they could.
(image by author)
Lessons learned, indeed!
By JaiChai
(image by author)
This is YOUR TORUM INVITATION!
(image by author)
JaiChai 3–3–2021. Simultaneous multi-site submissions posted. All rights reserved.
Originally published at https://hive.blog on March 3, 2021.
