Keys Defender -- Compromised ACTIVE private key successfully recovered !! [$ 28,000 account 💸]

in #hive5 years ago (edited)

❗❗❗ 💀💀 ⚠️⚠️
It's another day and another user leaked their private keys on the HIVE Blockchain !!

They accidentally COMPROMISED their...

private ACTIVE key

HOW: in a transfer operation published into the blockchain.


The compromised account owner has now been notified in multiple ways and their funds immediately transferred to their savings!.


If you are the account owner and are reading this, please reset ASAP your keys using your HIVE password or Owner key at https://steemitwallet.com/@nextgen622/password.


Compromised account stats:

  • Reputation: 70

  • Followers: 3552

  • Account birth: 2016-07-29

  • Last Post: 2020-04-23

  • Funds:
    ~ TOT HIVE: 9.196
    ~ TOT SBD: 14.27
    ~ TOT HIVE POWER: 41691.458 ( 34135.924 + 7565.694 IN - 10.16 OUT )


For more info about my keys protection activity see: https://hive.blog/steem/@gaottantacinque/the-keys-defender-bot-is-live-in-beta-mode


Do you want to support this bot? Delegation links:
10 SP 20 SP 30 SP 40 SP 50 SP 100 SP 200 SP 500 SP 1000 SP


Take care!
@keys-defender / @gaottantacinque

Sort:  

~$ 5000+ on Hive
~$ 4000 on Steemit
Funds transferred into savings on both platforms @nextgen622.

  • Another transfer into savings:
    7 minutes ago Transfer to savings 1610.502 HIVE to nextgen622

If anyone can reach out to him please do!

I ended up writing on the fly a script to put into savings / power up all new funds that were automatically going into his account. Shortly after that my script was running, luckily @nextgen622 managed to change his keys on both chains.

He likely ended up losing 8,000 Hive though :(
managed to save about 2,000 Hive (plus all thousands of Hive that were still going into the account, and power downs on both chains).

So a partial success on my side. I will investigate why my warning went out after hours instead of the usual reply below 1 second. Must be Hive node issues again :(

I'll add a mechanism to rotate nodes once I have some free time from my job (hopefully soon..).

Thank you so much for the alert. Very much appreciated.

HIVE WALLET


!

STEEMIT WALLET


!

Thank you for your community service! It is greatly appreciated!

Thank you very much for the alert mate. It’s very much appreciated.

So how exactly was they key exposed?

Was it accidentally included in the memo?

I don't imagine it was derived from the transaction signature or something like that.

Correct. Most of the times they get leaked in transfer memos, posts and comments. I found a couple in other types of operations too though (eg. account_update).

Your post has been rehived.

Check my profile to rehive your posts