Nxt Forum

Nxt Discussion => Nxt General Discussion => Topic started by: mcjavar on September 27, 2016, 05:25:55 am

Title: Account hacked, around 500k NXT stolen
Post by: mcjavar on September 27, 2016, 05:25:55 am
Hi,

I've been in Nxt since the beginning using a SHA-256 password. I've just noticed that my account has been hacked on the 21st of September and all my coins and assets were transferred (and sold) to this account: NXT-WWZA-75LG-356V-FU45W

I assume they are gone forever...
Title: Re: Account hacked, around 500k NXT stolen
Post by: farl4bit on September 27, 2016, 06:04:50 am
Whoa, that really sucks!  :(

How did you store your passphrase and how long was it?
Title: Re: Account hacked, around 500k NXT stolen
Post by: bitme on September 27, 2016, 06:05:31 am
It must be a terrible feeling. I'm sorry for you. By SHA-256 password you mean the SHA-256 of some phrase, right? May I ask how long this phrase was?
Title: Re: Account hacked, around 500k NXT stolen
Post by: NxtSwe on September 27, 2016, 06:22:57 am
Ouch! Very sorry to hear that!
You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!
Title: Re: Account hacked, around 500k NXT stolen
Post by: lurker10 on September 27, 2016, 07:55:27 am
It's unfortunate. Making a good passphrase isn't extremely difficult but if not sure it's best to use the one generated by the Nxt client. Sha256'ing a not very good passphrase can't stop the hacker.
Title: Re: Account hacked, around 500k NXT stolen
Post by: mcjavar on September 27, 2016, 09:51:40 am
It has been a random password of 8 characters which I converted to SHA-256 using this site: http://www.xorbin.com/tools/sha256-hash-calculator

I used this password at several sites and I received an email from btc-e, that someone successfully logged in with my user. I changed the password everywhere I remembered I had it set up, I never thought about changing it for Nxt as well as I thought that converting it to SHA-256 was enough. It wasn't, obviously. Hard lesson...
Title: Re: Account hacked, around 500k NXT stolen
Post by: apenzl on September 27, 2016, 08:40:33 pm
Oh man, mcjavar. I'm sorry to hear that.  :-\

Before Oct 13th / block 1000000, please remember:

You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!
Title: Re: Account hacked, around 500k NXT stolen
Post by: marenkar on September 27, 2016, 09:09:39 pm
Mcjavar, I was initially quite happy to see your name as I remember you from long ago in the beginning and thought it was nice that someone else decided to come back to Nxt from back then.

Then I read what happened to you :( This is really horrible :(

I hope you don't lose everything though. As other people have said, make sure to set up Account Control from another new account in order to make sure that your accumulated Ardor tokens are not lost as well.
Title: Re: Account hacked, around 500k NXT stolen
Post by: farl4bit on September 28, 2016, 07:44:03 am
8 characters is too short mate!!   :o

It can get hacked easily, and using the password on different sites is not smart either. Nobody can ever know your password, so no other sites either (no password generators either!). In the past years we told people many, many times to choose at least a random 30+ character passphrase. And eventually the client created a 12-word passphrase which is impossible to hack.

Although it was to be expected that your account was going to be hacked, I feel sorry for you.  :(
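
Added example, not part of the original thread or of the Nxt client: a short Python comparison of the passphrase schemes discussed above, showing that running an 8-character password through SHA-256 leaves its search space unchanged. The 62-symbol alphabet, the 1626-word list size and the guess rate are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumed figures, not taken from the thread:
ALNUM = string.ascii_letters + string.digits   # 62-symbol alphabet
WORDLIST_SIZE = 1626                            # assumed size of the client's word list
GUESSES_PER_SECOND = 1e9                        # constructed guess rate
SHA256_BITS = 256

def entropy_bits(symbols: int, length: int) -> float:
    """Entropy of `length` symbols drawn uniformly at random from `symbols` choices."""
    return length * math.log2(symbols)

def bits_after_sha256(input_bits: float) -> float:
    """Hashing is deterministic: the digest never holds more entropy than its input."""
    return min(input_bits, SHA256_BITS)

def days_to_exhaust(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Worst-case days needed to try every candidate at `rate` guesses per second."""
    return 2 ** bits / rate / 86400

def generate_passphrase(length: int = 30) -> str:
    """Random passphrase generated locally from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALNUM) for _ in range(length))

def compare() -> dict:
    """Map each scheme to (entropy in bits, worst-case days to exhaust)."""
    schemes = {
        "8 random chars, SHA-256 hex": bits_after_sha256(entropy_bits(62, 8)),
        "30 random chars": entropy_bits(62, 30),
        "12 random words": entropy_bits(WORDLIST_SIZE, 12),
    }
    return {name: (round(b, 1), days_to_exhaust(b)) for name, b in schemes.items()}

if __name__ == "__main__":
    for name, (bits, days) in compare().items():
        print(f"{name:30s} {bits:6.1f} bits  {days:.3g} days to exhaust")
    print("example passphrase:", generate_passphrase())
```

These figures only hold while the passphrase is secret and used in one place; a password already exposed through another site has no remaining entropy, however it is hashed afterwards.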
Title: Re: Account hacked, around 500k NXT stolen
Post by: OrgiOrg on September 28, 2016, 08:59:10 am
Oh man, mcjavar. I'm sorry to hear that.  :-\

Before Oct 13th / block 1000000, please remember:

You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!

How does securing the wallet with account control work?
Title: Re: Account hacked, around 500k NXT stolen
Post by: MrCluster87 on September 28, 2016, 09:14:37 am
Hi OrgiOrg,

I made a little tutorial: https://www.youtube.com/watch?v=pV2eKifqrOg&index=9&list=PLrOqCck6qd3aD39swhdYBPW8bRGrP4Mjs



Title: Re: Account hacked, around 500k NXT stolen
Post by: HCLivess on September 29, 2016, 07:11:36 am
That's unfortunate, but you shouldn't really use your important password on unknown sites.
Title: Re: Account hacked, around 500k NXT stolen
Post by: KarlKarlsson on September 29, 2016, 05:21:24 pm
Was it your NXT or the NXT you never returned to the investors of your 'bar'?
Title: Re: Account hacked, around 500k NXT stolen
Post by: neo on September 30, 2016, 06:58:35 am
And whose is this one?
 FrankTheTank  NXT-BV9H-GLR2-8Z2E-GATZA
Also translated the full amount

ps. There are many accounts from which he translated on the same day.
Title: Re: Account hacked, around 500k NXT stolen
Post by: farl4bit on September 30, 2016, 08:59:23 am
And whose is this one?
 FrankTheTank  NXT-BV9H-GLR2-8Z2E-GATZA
Also translated the full amount

ps. There are many accounts from which he translated on the same day.

The hacker must have a script running which is guessing simple passwords and gained access to more accounts. It's like the script for finding the dark Nxt?
Title: Re: Account hacked, around 500k NXT stolen
Post by: neo on September 30, 2016, 09:50:47 am
Yes, it uses a simple brute force and dictionary. Adds hex SHA-256. Checks a database of all NXT accounts.


Here are all the accounts that may have been hacked
Title: Re: Account hacked, around 500k NXT stolen
Post by: neofelis on September 30, 2016, 04:52:24 pm
Fucker will never guess mine.  100 completely random characters not on any computer or other digital medium.  Engraved in four parts on tungsten and distributed throughout the US.  Ha! Ha!  Motherfucker!