The Aftermath From Being Hacked: What I Learned and How Am I Coping

in #hack7 years ago (edited)

Last Wednesday was one of the most heartbreaking days I have ever encountered in my life. My Steemit account was hacked because I tried out the DTube App in Google Playstore which turned out to be fake and was made by a hacker named Andromaker. I posted about my awful experience that happened 3 days ago to make all Steemians aware of this modus.

Screenshot_20180316_152845.jpg
If you came across this DTube App don't download it! It's fake!

I have also emailed and sent a message to Bittrex support through Messenger but it seems like they are not interested with my concern because they did not reply.

IMG_20180318_074152.JPG
I sent a message to @bittrex support but they did not respond.

But anyway, even though I still feel heart broken and awful for what happened to my earnings, I am still thankful for the support I received from my fellow Steemians and supportive Whales.

Thank you to everyone who helped me and upvoted my post so I can regain what I loss!


With what happened, I realized Steemit is not just a simple, robotic platform full of crypto talks and blogs but one that is alive and a home of real, supportive people. Steemians are not only the people who upvotes your post but also the ones who will be by your side to fight those hackers who prey on the weak. I am highly grateful to everyone!

What I Learned From Being Hacked

There are 5 important things I learned from being hacked for the first time (and I am hoping this will be the last).

First: Never stop Steeming!



222.jpg

I admit, my first thought was to give up Steeming because of the trauma that hacker caused me. As I have told in my last post, I literally cried my heart out when I saw the coin transfer notice. After I frantically sent a message to all Steemit group chats in Messenger and Discord channels where I belong to, I thought to myself that I think it is time to stop Steeming. I mean, I was very traumatized of what happened which affected my performance at work on that day. I have been pondering whether or not to continue being a Steemian when it struck me: If I stopped Steeming then I am letting the hackers win. I believe one of the reasons hackers are doing what they're doing is to not only get the earnings of others but also to stop the Steemit community from flourishing. It is sad how these devils live on the misery of other people.

After analyzing what happened and keeping my emotions at bay, I am now a stronger Steemian. I will not give up on this wonderful community and will not let down those people who supports me. Yup, just keep on steeming!

Second: Don't give your master key to any website or app or anyone for that matter.



33.jpg

A lesson I learned the hard way. It was my first time exploring cryptocurrency and earning online which made me vulnerable to hackers. This is basic but can prevent hackers from stealing your earnings or account. A tip everyone should follow especially newbies because they are also clueless on how these hackers work.

One of the most important rule to follow is that to never use your master key password in any site or app that is related to Steemit. I discovered that there are different types of keys to get you around other related sites without using your master key. These are the different types of keys:

  • Posting key - This is used for voting and posting. Based on my understanding, the Posting key is the one being asked by other related sites like DMania, DLive, DTube (the legit one), Busy.org and etc. so you can log in on their site. This is safer because it limits the activity on your account.
  • Active key - This is used for transferring your SBD and Steem to other accounts and placing orders in the internal market.
  • Owner key - This is also known as the "master key" because it is used to change the other keys and your entire password in your Steemit account in general.

I suggest that we should all utilize Posting and Active Keys and not use our master key so that we can prevent our accounts from being compromised.

Third: Do research first before downloading or clicking anything.



44.jpg

With the hacking, I learned that you should not download any app without researching about it first. With my experience on a fake DTube App, I realized that I got so excited on trying it out without asking about it first in the Steemit community or researching on my own if there is an announcement of an app released. I think esteem app on Google playstore is the only legit app connected with Steemit? Please do correct me if I am wrong.

Fourth: Change your password often.



25.jpg

Before this horrifying incident happened, I did not know we can change our password. To everyone, we can change our generated password with a new one!

How can you change your password? Simply click on your Wallet button then click on Passwords. There you can generate a new password.

Remember these password tips from Steemit:

The first rule of Steemit is: Do not lose your password.
The second rule of Steemit is: Do not lose your password.
The third rule of Steemit is: We cannot recover your password.
The fourth rule: If you can remember the password, it's not secure.
The fifth rule: Use only randomly-generated passwords.
The sixth rule: Do not tell anyone your password.
The seventh rule: Always back up your password.

Change your password at least once or twice a month and don't lose it!

Fifth: Always monitor your account.



U5dtyae4kybrxwtVwgx35KFuXvgTML8_1680x8400.jpeg text.gif

I really thank @neander-squirrel for creating @ginabot because without that epic notification, I would have not notice my hard-earned Steem and SBD being stolen. Gina has saved my account and I thank her for it deeply! To everyone, I highly encourage you to try her service, you won't regret it I promise!

Always check the activities of your account daily. I suggest to make it a habit that after waking up and doing stretches, check your account's wallet and status if it's still yours. I am very lucky that my account was not taken away from me because that will be a difficult process to recover. I think the hackers aren't interested with my low SP so they just stole what they can and let it be. I laughed darkly with this thought but still thanked the heavens because I am just a lowly Minnow.

How Am I Right Now?

Well, right now I am still coping up with what I have loss both mentally, emotionally and physically. Some of my peers in the offline world are telling me that what happened was not a big deal because I did not invested any money on Steemit but they don't understand that I have given my time and effort in it, and that is also important. They don't understand how hard it is to construct a quality post which means racking my whole brain everyday for ideas. They don't understand how frustrating it is when no one or a few people upvotes your post. They don't understand the dedication and commitment a Steemian puts on the platform. They don't understand how it feels like when an important thing was stolen from you. They don't understand and that's okay because I know that they don't know anything; my hard work, time and effort given to Steemit. So now I don't share my frustrations with Steemit if it is not a Steemian because sadly, what I will just hear are these words:

That's alright, you didn't lost anything because you didn't invest money in it.

With what happened, I learned the fact that online devils are everywhere nowadays so I better be careful with my actions. Think before you click (or give out any information) to any third party websites. Right now, I will make it a mission to prevent newbies from being scammed.

I am very grateful for the Steemians who are there to support me especially to @surpassinggoogle @paradise-found @acidyo @ausbitbank @donkeypong @kevinwong @hr1 @cloh76 @analisa @drakos and everyone who have supported my post.

Although it seems it is impossible for me to retrieve what I loss, this awful experience have shed a new light for me. Now, it's time to take on a new mission in helping Red Fishes and Minnows secure their account and always be safe online. We cannot let these hackers win.

Photos are mine except the Ginabot picture.

March 18, 2018

emdesan (1).png

Sort:  

feeling sad for you. In the start of last year my account at cryptopia (exchange ) was also hacked and I lost $100 but after that I have learned my lesson that if we want to keep our cryptocurrency safe than we should learn how can we keep it safe.

It is really awful to be hacked but we learn our lesson...

You can never be too vigilent. If I were you, I would also be decimated, but I would remain inspired by all the support. It just proves the real value in the Steemit platform. My advice... do some reposting of some of your work. At least they did not steal that!

So sorry about that.. Best to be informed and also careful.

nice em Upvoted

I have read both of your posts about your loss. I'm so sorry for the experience you went through. On the other hand, I really appreciate your very encouraging words for all of us:

With what happened, I realized Steemit is not just a simple, robotic platform full of crypto talks and blogs but one that is alive and a home of real, supportive people.

Sorry po sa nangyari sa account nyo.This will serve as a reminder to all of us. Hilig ko pa naman mgopen ng mga links. Thanks for sharing.

As a follower of @followforupvotes this post has been randomly selected and upvoted! Enjoy your upvote and have a great day!

You have to stay vigilant, don't trust anything you find without double-checking.

Also check my post about a risk in SteemConnect; https://busy.org/@rmz/be-careful-when-using-steemconnect-call-to-busy-org-for-necessary-changes.

Good luck with recovering your losses.