Difference between revisions of "Cyber Attack"
(added other language links) |
m |
||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | '''Cyber Attack''' in [[Steemit]] context refers to a steal attack suffered on Steemit weeks after the official launch in July, 2016. | + | '''Cyber Attack''' in [[Steemit]] context refers to a steal attack suffered on Steemit weeks after the official launch and first [[Steem Tokens|tokens]] distributions in [[July 4th]], 2016. |
| − | In the attack, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen. | + | In the attack, as annouced by [[Steemit, Inc]] CEO [[Ned Scott]] in July 14th, 2016, fewer than 260 accounts were compromised, and less than $85,000 worth of [[Steem Dollar (SBD)|Steem Dollars]] and [[Steem Tokens|Steem]] may have been stolen.<ref> [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott Important Security Announcement: Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemitblog profile on [[Steemit]] in July 14th, 2017</ref> |
| − | The | + | According Softpedia News who first noticed the attack was [[Steemian|steemian]] The Dragon Slayer ([https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked @dragonslayer109]). He reported mysterious transactions that transferred funds from his account to another [[Bittrex]] account, one of the [[Steem Exchanges]] that allow users to withdraw [[Steem Dollar (SBD)]] as [[Bitcoin]].<ref name=softpedia>[http://news.softpedia.com/news/steem-social-network-hacked-user-funds-stolen-ddos-attack-followed-after-506417.shtml Steemit Social Network Hacked, User Funds Stolen, DDoS Attack Ensued] Written by '''Catalin Cimpanu''' on Softpedia News in July 18th, 2016</ref> |
| − | The [[Steem]] protocol itself (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials. | + | The hack was quickly contained. Users whose accounts were compromised were completely reimbursed. [[Ned Scott]] updated the situation in July 15th, 2016: “Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same [[Facebook]] or [[Reddit]] credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”<ref>[https://steemit.com/steemit/@steemit3/first-update-to-july-14-security-announcement-from-steemit-ceo-ned-scott First Update to July 14 Security Announcement from Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemit3 profile on [[Steemit]] in July 15th, 2017</ref> |
| + | |||
| + | [[Steemian]] [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott#@steemed/re-steemitblog-important-security-announcement-steemit-ceo-ned-scott-20160714t160540029z @steemed] commented that the [[Steem]] protocol itself (the "coin") was not hacked, nor was any [[Smart Contract|smart contract]] running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials.<ref name=coinfox>[http://www.coinfox.info/news/5925-steem-is-hacked-85-000-reportedly-stolen Steem is hacked! $85,000 reportedly stolen] Written by '''Diana Bogdan''' and '''Svetlana Nosova''' on Coinfox in July 14th, 2017</ref> | ||
| + | |||
| + | ===An attractive target=== | ||
| + | |||
| + | At that time [[Steemit]] had seen an explosive growth over the previous two months with the number of users increased by record-breaking 3,200%. According to the estimations in July 13th, the [[Steem Tokens]] had reached the third place in market capitalisation after [[Bitcoin]] and Ether, jumping from $13 to over $250 million in only 10 days.<ref name=coinfox /> | ||
| + | |||
| + | ===[[Distributed Denial-of-Service Attack (DDoS)]]=== | ||
| + | |||
| + | Coincidentally or not, right after the company made the fixing announcement, a DDoS attack hit its servers. [[Steemit, Inc]] used this attack to bring down its servers for maintenance and upgrade [[Steemit]] service by adding something it called "blockchain-based multi-factor authentication," to boost account security even more.<ref name=softpedia /> | ||
| + | |||
| + | In July 21st, 2016, an article published in The Merkle annouced that [[Steemit]] platform resumed operations and compared with a similar issue faced by [[Ethereum]] community when managed to [[Hard Fork|hard fork]] and refund the extra Ether sent in the last days of The DAO creation period.<ref>[http://themerkle.com/steemit-platform-resumes-operations/ Steemit Platform Resumes Operations] Written by '''Eduardo Gómez''' on The Merkle in July 21st, 2016</ref> | ||
| + | |||
| + | |||
| + | ==References== | ||
| + | |||
| + | <references /> | ||
==Links== | ==Links== | ||
| − | * '''@ | + | * '''@dragonslayer109''' : [https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked My account got HACKED!!!] ''July 14th, 2016'' |
| − | * ''' | + | |
| + | ==Related articles== | ||
| + | |||
| + | * [[Ned Scott]] | ||
| + | * [[Steem]] | ||
| + | * [[Steem Key Management]] | ||
| + | * [[Steem Tokens]] | ||
| + | * [[Steemit]] | ||
| + | * [[Steemit, Inc]] | ||
| + | |||
| + | ==External links== | ||
| + | |||
| + | * '''BTC News''' : [http://btcnews.com/steemit-investigates-security-breach-theft-85000-steem/ Steemit Investigates Security Breach and Theft of $85000 in Steem] ''Written by Gautham N, published in July 15th, 2016'' | ||
| + | * '''CoinIdol.com''' : [https://coinidol.com/steemit-s-users-get-money-back-after-cyber-attack/ Steemit’s Users Get Money Back After Cyber Attack: Will The Steem Price Go Up Again?] ''Written by Nina Lyon, published in July 15th, 2016'' | ||
== In other languages == | == In other languages == | ||
| Line 26: | Line 56: | ||
<br> | <br> | ||
| − | [[Category:Event]] | + | [[Category:Event]] [[Category:Security]] [[Category:Steemit]] |
Revision as of 18:40, 18 October 2017
Cyber Attack in Steemit context refers to a steal attack suffered on Steemit weeks after the official launch and first tokens distributions in July 4th, 2016.
In the attack, as annouced by Steemit, Inc CEO Ned Scott in July 14th, 2016, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.[1]
According Softpedia News who first noticed the attack was steemian The Dragon Slayer (@dragonslayer109). He reported mysterious transactions that transferred funds from his account to another Bittrex account, one of the Steem Exchanges that allow users to withdraw Steem Dollar (SBD) as Bitcoin.[2]
The hack was quickly contained. Users whose accounts were compromised were completely reimbursed. Ned Scott updated the situation in July 15th, 2016: “Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same Facebook or Reddit credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”[3]
Steemian @steemed commented that the Steem protocol itself (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials.[4]
Contents
An attractive target
At that time Steemit had seen an explosive growth over the previous two months with the number of users increased by record-breaking 3,200%. According to the estimations in July 13th, the Steem Tokens had reached the third place in market capitalisation after Bitcoin and Ether, jumping from $13 to over $250 million in only 10 days.[4]
Distributed Denial-of-Service Attack (DDoS)
Coincidentally or not, right after the company made the fixing announcement, a DDoS attack hit its servers. Steemit, Inc used this attack to bring down its servers for maintenance and upgrade Steemit service by adding something it called "blockchain-based multi-factor authentication," to boost account security even more.[2]
In July 21st, 2016, an article published in The Merkle annouced that Steemit platform resumed operations and compared with a similar issue faced by Ethereum community when managed to hard fork and refund the extra Ether sent in the last days of The DAO creation period.[5]
References
- ↑ Important Security Announcement: Steemit CEO Ned Scott Signed by Ned Scott and published in @steemitblog profile on Steemit in July 14th, 2017
- ↑ 2.0 2.1 Steemit Social Network Hacked, User Funds Stolen, DDoS Attack Ensued Written by Catalin Cimpanu on Softpedia News in July 18th, 2016
- ↑ First Update to July 14 Security Announcement from Steemit CEO Ned Scott Signed by Ned Scott and published in @steemit3 profile on Steemit in July 15th, 2017
- ↑ 4.0 4.1 Steem is hacked! $85,000 reportedly stolen Written by Diana Bogdan and Svetlana Nosova on Coinfox in July 14th, 2017
- ↑ Steemit Platform Resumes Operations Written by Eduardo Gómez on The Merkle in July 21st, 2016
Links
- @dragonslayer109 : My account got HACKED!!! July 14th, 2016
Related articles
External links
- BTC News : Steemit Investigates Security Breach and Theft of $85000 in Steem Written by Gautham N, published in July 15th, 2016
- CoinIdol.com : Steemit’s Users Get Money Back After Cyber Attack: Will The Steem Price Go Up Again? Written by Nina Lyon, published in July 15th, 2016
In other languages
| Help keep this wiki page updated. Register, click in edit, add or modify the text and save. If you're already a steemian you can be rewarded with STEEM, see how in @steemcenterwiki. |
