elective-stereophonic
elective-stereophonic
Account Hacked and Drained  
Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Nxt Client: Nxt 1.11.15

Author Topic: Account Hacked and Drained  (Read 1282 times)

skuld2000

  • Newbie
  • *
  • Karma: +0/-0
  • Offline Offline
  • Posts: 2
    • View Profile
Account Hacked and Drained
« on: September 26, 2017, 04:03:16 am »

today i realize unkown transaction at 9/22
and all my nxt transfered other's account.

over 15000 nxt...

is there any solution for this situation

seems like he(Hacker?) still on actively doing something

his account is "NXT-5CFL-QTTH-D6K2-AC4TF"

my account is "NXT-AWQG-GJJK-VFV8-9BNNB"

plz help me

Logged

martismartis

  • Hero Member
  • *****
  • Karma: +72/-10
  • Offline Offline
  • Posts: 1234
    • View Profile
Re: Account Hacked and Drained
« Reply #1 on: September 26, 2017, 06:26:00 am »

1. Did you use 12 random words passphrase offered by Nxt client or your own?
2. Did you check your PC for viruses?
3. Where did you store your passphrase?
Logged

skuld2000

  • Newbie
  • *
  • Karma: +0/-0
  • Offline Offline
  • Posts: 2
    • View Profile
Re: Account Hacked and Drained
« Reply #2 on: September 26, 2017, 07:32:17 am »

I have no virus and no store anywhere cookie or other..
but my password is simple 36 character number and alphabet... anyway is there any possibility for undo the transaction?
« Last Edit: September 26, 2017, 09:53:58 am by skuld2000 »
Logged

cayenne

  • Sr. Member
  • ****
  • Karma: +10/-2
  • Offline Offline
  • Posts: 253
    • View Profile
Re: Account Hacked and Drained
« Reply #3 on: September 26, 2017, 11:40:21 am »

It does look like that account might be systematically cracking passwords and taking their NXT and ARDR.

I think the next update of the client should enforce a passphrase of at least ten words.
Logged

VanBreuk

  • Administrator
  • Hero Member
  • *****
  • Karma: +361/-19
  • Offline Offline
  • Posts: 2772
    • View Profile
Re: Account Hacked and Drained
« Reply #4 on: September 26, 2017, 02:49:43 pm »

I have no virus and no store anywhere cookie or other..
but my password is simple 36 character number and alphabet... anyway is there any possibility for undo the transaction?

Blockchain transactions by principle cannot be undone. If someone obtained or cracked your passphrase, I'm afraid the only thing that can be done is trying to track down the identity of the hacker, but if they know what they are doing that might not be possible. Looking at the address where your NXT were transferred to, it seems the hacker has been sending NXT to Shapeshift to convert them to another cryptocurrency. There's several transfers to new addresses that afterwards forward automatically to NXT-W3MP-U847-GPSZ-EW7V7, the Shapeshift hot wallet Nxt account. So maybe you can also try to contact Shapeshift support, but that's a shot in the dark because most likely they will have no info to track the hacker down.

A 36 character passphrase with letters and numbers, specially if it hasn't been generated in a truly random way, does not sound particularly secure for Nxt standards. And if this passphrase has some pattern in it, or uses a smaller set of characters (for example, only lowercase letters) it might not take long to be cracked if someone is testing automatically thousands of low-entropy passphrase combinations to find any accounts with some funds in them. Unless one generates a long, proper high-entropy passphrase (upper and lowercase letters, numbers and symbols randomly generated), the 12-word passphrase generated by the Nxt client is recommended.
Logged
GPG Fingerprint: B020 D1C1 F289 3B2C 3577  9EAD 455D D175 5913 C7F1

Roiman

  • Jr. Member
  • **
  • Karma: +11/-0
  • Offline Offline
  • Posts: 78
    • View Profile
Re: Account Hacked and Drained
« Reply #5 on: December 13, 2017, 04:15:02 am »

today i realize unkown transaction at 9/22
and all my nxt transfered other's account.

over 15000 nxt...

is there any solution for this situation

seems like he(Hacker?) still on actively doing something

his account is "NXT-5CFL-QTTH-D6K2-AC4TF"

my account is "NXT-AWQG-GJJK-VFV8-9BNNB"

plz help me

I had the same account take all funds from my mynxt wallet. Looking at the block explorer they transferred funds to Bittrex three days ago. They also seem to be making many transactions including selling assets and doing lots of shuffling. So anyone who sees this don't do business with account NXT-5CFL-QTTH-D6K2-AC4TF

Is it strange they continue to use the same account?
Logged
 

elective-stereophonic
elective-stereophonic
assembly
assembly