Account hacked, around 500k NXT stolen

Author Topic: Account hacked, around 500k NXT stolen  (Read 4631 times)

mcjavar

Account hacked, around 500k NXT stolen
« on: September 27, 2016, 05:25:55 am »

Hi,

I've been in Nxt since the beginning using a SHA-256 password. I've just noticed that my account has been hacked on the 21st of September and all my coins and assets were transferred (and sold) to this account: NXT-WWZA-75LG-356V-FU45W

I assume they are gone forever...

farl4bit

Re: Account hacked, around 500k NXT stolen
« Reply #1 on: September 27, 2016, 06:04:50 am »

Whoa, that really sucks!  :(

How did you store your passphrase and how long was it?

bitme

Re: Account hacked, around 500k NXT stolen
« Reply #2 on: September 27, 2016, 06:05:31 am »

It must be a terrible feeling. I'm sorry for you. By SHA-256 password you mean the SHA-256 of some phrase, right? May I ask how long this phrase was?
« Last Edit: September 27, 2016, 07:50:26 am by bitme »

NxtSwe

Re: Account hacked, around 500k NXT stolen
« Reply #3 on: September 27, 2016, 06:22:57 am »

Ouch! Very sorry to hear that!
You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!

lurker10

Re: Account hacked, around 500k NXT stolen
« Reply #4 on: September 27, 2016, 07:55:27 am »

It's unfortunate. Making a good passphrase isn't extremely difficult, but if you're not sure, it's best to use the one generated by the Nxt client. SHA-256'ing a not very good passphrase can't stop the hacker.

mcjavar

Re: Account hacked, around 500k NXT stolen
« Reply #5 on: September 27, 2016, 09:51:40 am »

It has been a random password of 8 characters which I converted to SHA-256 using this site: http://www.xorbin.com/tools/sha256-hash-calculator

I used this password at several sites and I received an email from btc-e that someone successfully logged in with my user. I changed the password everywhere I remembered I had it set up. I never thought about changing it for Nxt as well, as I thought that converting it to SHA-256 was enough. It wasn't, obviously. Hard lesson...

crimi

Re: Account hacked, around 500k NXT stolen
« Reply #6 on: September 27, 2016, 01:02:17 pm »

> It has been a random password of 8 characters which I converted to SHA-256 using this site: http://www.xorbin.com/tools/sha256-hash-calculator
>
> I used this password at several sites and I received an email from btc-e that someone successfully logged in with my user. I changed the password everywhere I remembered I had it set up. I never thought about changing it for Nxt as well, as I thought that converting it to SHA-256 was enough. It wasn't, obviously. Hard lesson...

You cannot trust the site owners of http://www.xorbin.com/tools/sha256-hash-calculator. Also, the website has no SSL certificate. Did you do the converting offline?

Most likely someone was thinking outside the box by using a large password database and converting the entries to SHA-256 hashes. 8 characters... I wonder how you slept at night all those years?  :o ...  Bear up! Thanks for sharing    ;)

apenzl

Re: Account hacked, around 500k NXT stolen
« Reply #7 on: September 27, 2016, 08:40:33 pm »

Oh man, mcjavar. I'm sorry to hear that.  :-\

Before Oct 13th / block 1000000, please remember:

> You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!

marenkar

Re: Account hacked, around 500k NXT stolen
« Reply #8 on: September 27, 2016, 09:09:39 pm »

Mcjavar, I was initially quite happy to see your name as I remember you from long ago in the beginning and thought it was nice that someone else decided to come back to Nxt from back then.

Then I read what happened to you :( This is really horrible :(

I hope you don't lose everything though. As other people have said, make sure to set up Account Control from another new account in order to make sure that your accumulated Ardor tokens are not lost as well.

farl4bit

Re: Account hacked, around 500k NXT stolen
« Reply #9 on: September 28, 2016, 07:44:03 am »

8 characters is too short mate!!   :o

It can easily get hacked, and using the password on different sites is not smart either. Nobody can ever know your password, so no other sites either (no password generators either!). Over the past years we told people many, many times to choose a random passphrase of at least 30+ characters. And eventually the client created a 12-word passphrase, which is impossible to hack.

Although it was to be expected that your account was going to be hacked, I feel sorry for you.  :(
« Last Edit: September 28, 2016, 10:45:20 am by farl4bit »
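
Why hashing the 8-character password did not help, as an added example (not code from this thread or from the Nxt project): SHA-256 is deterministic, so the hex string only looks long while the search space stays that of the original password. The guessing rate and the 1626-word list size for the client's 12-word passphrase are assumptions.

```python
import hashlib
import math
import secrets
import string

GUESSES_PER_SECOND = 1e10          # assumed offline guessing rate (illustrative)
SECONDS_PER_YEAR = 365.25 * 24 * 3600
ALNUM = string.ascii_letters + string.digits   # 62 symbols
NXT_WORDLIST_SIZE = 1626           # assumed size of the client's word list

def sha256_hex(password: str) -> str:
    """The transform from the thread: password -> 64 hex characters."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def apparent_bits(text: str) -> float:
    """What a naive strength meter sees: length * log2(character pool)."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(c) for c in classes if any(ch in c for ch in text))
    return len(text) * math.log2(pool) if pool else 0.0

def effective_bits(symbols: int, length: int, leaked: bool = False) -> float:
    """Entropy of the secret that was actually chosen at random.
    Hashing is deterministic and adds nothing; a password already exposed
    on another site is a single guess, i.e. 0 bits."""
    return 0.0 if leaked else length * math.log2(symbols)

def years_to_exhaust(bits: float) -> float:
    """Time to try every candidate at the assumed guessing rate."""
    return 2 ** bits / GUESSES_PER_SECOND / SECONDS_PER_YEAR

def random_passphrase(length: int = 30) -> str:
    """A 30-character passphrase from the OS CSPRNG, never reused elsewhere."""
    return "".join(secrets.choice(ALNUM) for _ in range(length))

def report() -> dict:
    sample = "".join(secrets.choice(ALNUM) for _ in range(8))  # constructed sample
    return {
        "hex string as a meter sees it": apparent_bits(sha256_hex(sample)),
        "8 random chars, then SHA-256": effective_bits(62, 8),
        "same, but reused and leaked": effective_bits(62, 8, leaked=True),
        "30 random chars": effective_bits(62, 30),
        "12 words from the client": effective_bits(NXT_WORDLIST_SIZE, 12),
    }

if __name__ == "__main__":
    for scheme, bits in report().items():
        print(f"{scheme:32s} {bits:6.1f} bits  {years_to_exhaust(bits):.3g} years")
```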

OrgiOrg

Re: Account hacked, around 500k NXT stolen
« Reply #10 on: September 28, 2016, 08:59:10 am »

> Oh man, mcjavar. I'm sorry to hear that.  :-\
>
> Before Oct 13th / block 1000000, please remember:
>
> > You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!

How does securing the wallet with account control work?

MrCluster87

Re: Account hacked, around 500k NXT stolen
« Reply #11 on: September 28, 2016, 09:14:37 am »

Hi OrgiOrg,

I made a little tutorial: https://www.youtube.com/watch?v=pV2eKifqrOg&index=9&list=PLrOqCck6qd3aD39swhdYBPW8bRGrP4Mjs



> > Oh man, mcjavar. I'm sorry to hear that.  :-\
> >
> > Before Oct 13th / block 1000000, please remember:
> >
> > > You should secure your wallet with account control, so that when the ardor assets are distributed, the thief cannot steal those as well!
>
> How does securing the wallet with account control work?

HCLivess

Re: Account hacked, around 500k NXT stolen
« Reply #12 on: September 29, 2016, 07:11:36 am »

That's unfortunate, but you shouldn't really use your important password on unknown sites.

KarlKarlsson

Re: Account hacked, around 500k NXT stolen
« Reply #13 on: September 29, 2016, 05:21:24 pm »

Was it your NXT or the NXT you never returned to the investors of your 'bar'?

neo

Re: Account hacked, around 500k NXT stolen
« Reply #14 on: September 30, 2016, 06:58:35 am »

And whose is this one?
 FrankTheTank  NXT-BV9H-GLR2-8Z2E-GATZA
Also translated the full amount

ps. There are many accounts from which he translated on the same day.
« Last Edit: September 30, 2016, 07:47:58 am by neo »

farl4bit

Re: Account hacked, around 500k NXT stolen
« Reply #15 on: September 30, 2016, 08:59:23 am »

> And whose is this one?
> FrankTheTank  NXT-BV9H-GLR2-8Z2E-GATZA
> Also translated the full amount
>
> ps. There are many accounts from which he translated on the same day.

The hacker must have a script running which is guessing simple passwords and gained access to more accounts. It's like the script for finding the dark Nxt?

neo

Re: Account hacked, around 500k NXT stolen
« Reply #16 on: September 30, 2016, 09:50:47 am »

Yes, it uses a simple brute force and dictionary. Adds hex SHA-256. Checks a database of all NXT accounts.

Here are all the accounts that may have been hacked
« Last Edit: September 30, 2016, 11:03:57 am by neo »

neofelis

Re: Account hacked, around 500k NXT stolen
« Reply #17 on: September 30, 2016, 04:52:24 pm »

Fucker will never guess mine.  100 completely random characters not on any computer or other digital medium.  Engraved in four parts on tungsten and distributed throughout the US.  Ha! Ha!  Motherfucker!