
I have to admit I spend half my time on steemit worrying that I am going to give out the wrong key or something. LOL. Iguess once you get passed that it is fine, we just all have to be mindful and ensure that we protect our accounts and be aware that not everyone is honest and fair. This is of course the same in the rest of our lives. There is plenty of spam/clickbait/scam/fake on facebook etc. and there are plenty of people out to make a buck at the expense of others out there in the real world. Good post @inventor16!

I think platform creators can block an account if there are violations from the owner of the record. This I observed on a similar platform, the Russian version of STEEMIT.

What is considered a violation ?

I don't know how in STEEMIT but in russian version there are some rules. I can't find it now, but one account was bloked.

The hacker @accounttransfers had access to the account and modified the display name and about sections. What you seen there was not really indicative of a blocked account. I am not sure what they were trying to do.

Perhaps, they were not really prepared for the backlash of compromising a high profile account and were trying to "legitimize" their activity as a psuedo white-hat penetration test. Only problem is that you don't pen test without consent and legal contracts in a typical centralized organization so there are definately issues with the ethics of this individual in my humble opinion.

This was not a mere front-end compromise. It was a full compromise but @samhillstone's saving Grace was that he had powered up which requires time to convert to Steem. This allowed the account to be recovered before said hacker was able to steal the Steem. I do think he may have got his hands on the SBD but am not sure.

Yes I realize it was a full hack. My only question was how was the account suspended in a decentralized platform.

I am not aware of any mechanism for account suspension on the Steem blockchain but maybe the devs have some sort of method. I don't believe the account was actually suspended to be honest.

I think the hacker just made it appear that way so as to give the impression that the user was being penalized for their poor security practice as a smokescreen for what the hacker was really doing which is to buy time so he could power down.

That's what I believe happened and let, if so, glad it didn't work out. Nevertheless, it is a good thing, in a sense, as now security awareness is in the forefront of many a Steemians minds.

Well for now it seems good news to him and to get the answer i think we are gonna have to wait .

O wow, I never expected him to get his account back, he is lucky for sure! Glad he got it back though! I haven't read his entire post, but as I understand he did lose his master key to the person who hacked him. That's why I never expected him to get back his account. And yes, that does indeed beg the question how Steemit inc. was capable of getting it back on a decentralized system...

It doesn't make sense to me, I know steemit can recover accounts if they know a previous master key of the user within 30 days, but it looks like they shut the account down before they regained access?

Maybe there is a 30-day limit that they can recover it even when it has been changed by the one taking over the account. That's the only thing I can think off, it would be nice to have a clear answer on this though...

That's correct. You have 30 days to get account back, as long as you have a previous master key. But I'm just confused on how Steemit was able to block the account.

The same way they gave back the account? I mean once they give the account back to the original owner it seems only logical it gets locked till it's actually in the hands of the original owner. As I understand this 30-day policy of getting back your account means Steemit inc. gets hold of your account and gives it back to you (verifcating by the master key that you are actually the owner).

That might make sense that it was in transition of being handed back to the original owner. Would be good to get clarification from steemit or someone privy to it.

Is there a reason that steemit wouldn't have a copy of our keys? They may have certain admin functions available they can do at any time without a complaining user verifying their master key. But for security reasons, they expect a complaining person to provide it as proof of ownership. They may have made an exception to needing proof because of the negative PR, and the obviousness of the phish.

As far as the account being blocked. Perhaps no one, except steemit, knows their new keys. So it may not be blocked, but near impossible to log in. Another thing is that certain activities may [also] be blocked from the steemit interface, but not necessarily other interfaces that interact with the blockchain outside of steemit-whatever those are.

That's not correct. Nobody at steemit should have access to our accounts without a copy of the private key. Otherwise it's not decentralized.

You raise some vital questions here i have wondered how someone could access their Steem if there was a serious problem with the Steemit platform like there has been recentely with DDos attacks and perhaps the Steem blockchain is what is decentralised but Steemit itself is not....hmmmm food for thought.

This is way beyond my technical knowledge, but will be interested in seeing the full story here should it ever come out


my 100% upvote on the question... how is this possible. Blockchain and are 2 different things... how secure are our funds..??

Yup, we should all look to find the answer to these questions because they are important.

very important, he wrote that it was impossible to get back because he made stupid mistakes.... so how the .... is this possible

Just a question: Do you have some friends who would vote for me as witness... I really need it..I am not getting up the rank much... spend money for a witness server and hope to break even in some time...

I do not bro, keep on hustling :)

no prob... thx for answering... hustling yeahhh. but not against every price... I dared to ask you.. why, because i think i could... will not bother you again

glad that he was able to recover his account :)

Awesome questions and looking forward to see the answer to them.

Very interesting, thanks for sharing. Would love to hear the outcome

An inexplicable situation. It is important that the entire Steemit community knows these situations. The high risk for Steemit members to suffer a hack is real. Thanks for sharing. I hope everything is cleared up. As soon.

Nice post

details here. Get a chance to win SBD's
You have got a Random upvote of $0.06 from @trlotto. Free tickets are being distributed by @trlotto. Check out the

Why the account is suspended....

nice funny and unique