Difference between revisions of "Cyber Attack"

From Steem Center
Jump to: navigation, search
m
(Links: @steemitblog)
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
'''Cyber Attack''' in [[Steemit]] context refers to a steal attack suffered on Steemit weeks after the official launch and first [[Steem Tokens|tokens]] distributions in [[July 4th]], 2016.
 
'''Cyber Attack''' in [[Steemit]] context refers to a steal attack suffered on Steemit weeks after the official launch and first [[Steem Tokens|tokens]] distributions in [[July 4th]], 2016.
  
In the attack, as annouced by [[Steemit, Inc]] CEO [[Ned Scott]] in July 14th, 2016, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.<ref> [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott Important Security Announcement: Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemitblog profile on [[Steemit]] in July 14th, 2017</ref>  
+
In the attack, as annouced by [[Steemit, Inc]] CEO [[Ned Scott]] in July 14th, 2016, fewer than 260 accounts were compromised, and less than $85,000 worth of [[Steem Dollar (SBD)|Steem Dollars]] and [[Steem Tokens|Steem]] may have been stolen.<ref> [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott Important Security Announcement: Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemitblog profile on [[Steemit]] in July 14th, 2017</ref>  
  
 
According Softpedia News who first noticed the attack was [[Steemian|steemian]] The Dragon Slayer ([https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked @dragonslayer109]). He reported mysterious transactions that transferred funds from his account to another [[Bittrex]] account, one of the [[Steem Exchanges]] that allow users to withdraw [[Steem Dollar (SBD)]] as [[Bitcoin]].<ref name=softpedia>[http://news.softpedia.com/news/steem-social-network-hacked-user-funds-stolen-ddos-attack-followed-after-506417.shtml Steemit Social Network Hacked, User Funds Stolen, DDoS Attack Ensued] Written by '''Catalin Cimpanu''' on Softpedia News in July 18th, 2016</ref>
 
According Softpedia News who first noticed the attack was [[Steemian|steemian]] The Dragon Slayer ([https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked @dragonslayer109]). He reported mysterious transactions that transferred funds from his account to another [[Bittrex]] account, one of the [[Steem Exchanges]] that allow users to withdraw [[Steem Dollar (SBD)]] as [[Bitcoin]].<ref name=softpedia>[http://news.softpedia.com/news/steem-social-network-hacked-user-funds-stolen-ddos-attack-followed-after-506417.shtml Steemit Social Network Hacked, User Funds Stolen, DDoS Attack Ensued] Written by '''Catalin Cimpanu''' on Softpedia News in July 18th, 2016</ref>
Line 7: Line 7:
 
The hack was quickly contained. Users whose accounts were compromised were completely reimbursed. [[Ned Scott]] updated the situation in July 15th, 2016: “Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same [[Facebook]] or [[Reddit]] credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”<ref>[https://steemit.com/steemit/@steemit3/first-update-to-july-14-security-announcement-from-steemit-ceo-ned-scott First Update to July 14 Security Announcement from Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemit3 profile on [[Steemit]] in July 15th, 2017</ref>
 
The hack was quickly contained. Users whose accounts were compromised were completely reimbursed. [[Ned Scott]] updated the situation in July 15th, 2016: “Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same [[Facebook]] or [[Reddit]] credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”<ref>[https://steemit.com/steemit/@steemit3/first-update-to-july-14-security-announcement-from-steemit-ceo-ned-scott First Update to July 14 Security Announcement from Steemit CEO Ned Scott] Signed by '''[[Ned Scott]]''' and published in @steemit3 profile on [[Steemit]] in July 15th, 2017</ref>
  
[[Steemian|steemian]] [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott#@steemed/re-steemitblog-important-security-announcement-steemit-ceo-ned-scott-20160714t160540029z @steemed] commented that the [[Steem]] protocol itself (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials.<ref name=coinfox>[http://www.coinfox.info/news/5925-steem-is-hacked-85-000-reportedly-stolen Steem is hacked! $85,000 reportedly stolen] Written by '''Diana Bogdan''' and '''Svetlana Nosova''' on Coinfox in July 14th, 2017</ref>
+
[[Steemian]] [https://steemit.com/steemit/@steemitblog/important-security-announcement-steemit-ceo-ned-scott#@steemed/re-steemitblog-important-security-announcement-steemit-ceo-ned-scott-20160714t160540029z @steemed] commented that the [[Steem]] protocol itself (the "coin") was not hacked, nor was any [[Smart Contract|smart contract]] running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials.<ref name=coinfox>[http://www.coinfox.info/news/5925-steem-is-hacked-85-000-reportedly-stolen Steem is hacked! $85,000 reportedly stolen] Written by '''Diana Bogdan''' and '''Svetlana Nosova''' on Coinfox in July 14th, 2017</ref>
  
 
===An attractive target===
 
===An attractive target===
Line 26: Line 26:
 
==Links==
 
==Links==
  
 +
* '''[[Steemit]]''' : https://steemit.com
 
* '''@dragonslayer109''' : [https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked My account got HACKED!!!] ''July 14th, 2016''
 
* '''@dragonslayer109''' : [https://steemit.com/steemit/@dragonslayer109/did-my-account-get-hacked My account got HACKED!!!] ''July 14th, 2016''
 +
* '''@noaommerrr''' : [https://steemit.com/steemit/@noaommerrr/list-of-the-accounts-got-hacked List of the accounts got hacked] ''July 15th, 2016 (With [[Dan Larimer]] comment)''
 +
* '''@easteagle13''' : [https://steemit.com/steemit/@easteagle13/why-is-the-recent-steemit-hack-will-actually-raise-steem-value-and-make-steemit-more-popular Why Is The Recent Steemit Hack Will Actually Raise Steem Value And Make Steemit More Popular?] ''July 15th, 2016''
 +
* '''@rfromla''' : [https://steemit.com/money/@rfromla/protect-your-steem-steemit-suffers-cyberattack Protect your Steem! - Steemit Suffers Cyberattack] ''July 20th, 2016''
 +
* '''@trevonjb''' : [https://steemit.com/steem/@trevonjb/my-4-day-log-of-being-hacked-on-steemit-true-story My 4-Day Log of being hacked on Steemit! (TRUE STORY)] ''July 20th, 2016''
 +
* '''@noisy''' : [https://steemit.com/steemit/@noisy/we-just-hacked-11-accounts-on-steemit-1158-sbd-and-8250-steem-is-under-our-control-but-we-are-good-guys-so We just hacked 11 accounts on Steemit! ~$21 749 in STEEM and SBD is under our control. But we are good guys :-) So...] ''June 7th, 2017''
 +
* '''@steemitblog''' : [https://steemit.com/steem/@steemitblog/engineering-update-ddos-wallet-steemdao Engineering Update: DDoS, Wallet, SteemDAO] ''March 14, 2019''
  
 
==Related articles==
 
==Related articles==
Line 39: Line 46:
 
==External links==
 
==External links==
  
* '''BTC News''' : [http://btcnews.com/steemit-investigates-security-breach-theft-85000-steem/ Steemit Investigates Security Breach and Theft of $85000 in Steem] ''Written by Gautham N, published in July 15th, 2016''
+
*  '''LevelNet [[Medium]] Blog''' : [https://medium.com/@LevelNetwork/10-major-cyber-attacks-in-the-history-of-mankind-cd6d53f5361c 10 major cyber attacks in the history of mankind] ''Written by LevelNet, published in 10/27/2017''
* '''CoinIdol.com''' : [https://coinidol.com/steemit-s-users-get-money-back-after-cyber-attack/ Steemit’s Users Get Money Back After Cyber Attack: Will The Steem Price Go Up Again?] ''Written by Nina Lyon, published in July 15th, 2016''
+
*  '''The Merkle''' : [https://themerkle.com/affected-users-can-now-recover-their-steemit-account/ Affected Users Can Now Recover Their Steemit Account] ''Written by JP Buntix, published in 7/20/2016''
 +
* '''Graham Cluley''' : [https://www.grahamcluley.com/steemit-experienced-hack-theft-user-funds-ddos-attack/ Steemit experienced hack, theft of user funds, and DDoS attack] ''Written by David Bisson, published in 7/19/2016''
 +
* '''BTC News''' : [http://btcnews.com/steemit-investigates-security-breach-theft-85000-steem/ Steemit Investigates Security Breach and Theft of $85000 in Steem] ''Written by Gautham N, published in 7/15/2016''
 +
* '''Finance Magnates''' : [https://www.financemagnates.com/cryptocurrency/news/steemit-suffered-minor-cyber-attack-bittrex-suspended-steem-trading/ Steemit Suffered Minor Cyber Attack, Bittrex Suspended Steem Transactions] ''Written by Avi Mizrahi, published in 7/15/2016''
 +
*  '''Fintechist''' : [http://fintechist.com/steemit-suffers-attack-reimburses-affected-users/ Steemit Suffers Attack And Reimburses Affected Users] ''Written by JP Buntix, published in 7/15/2016''
 +
* '''Cryptocoins News''' : [https://www.cryptocoinsnews.com/steemit-secures-hacked-accounts-advises-new-password/ Steemit Secures Hacked User Accounts, Advises New Passwords] ''Written by Samburaj Das, published in 7/15/2016''
 +
* '''CoinIdol.com''' : [https://coinidol.com/steemit-s-users-get-money-back-after-cyber-attack/ Steemit’s Users Get Money Back After Cyber Attack: Will The Steem Price Go Up Again?] ''Written by Nina Lyon, published in 7/15/2016''
 +
*  '''LeapRate.com''' : [https://www.leaprate.com/news/steemit-com-blockchain-powered-social-network-hit-by-cyber-hack-attack/ Steemit.com blockchain-powered social network hit by cyber hack attack] ''Written by LeapRate staff, published in 7/15/2016''
 +
* '''RightsTech Project''' : [https://rightstech.com/2016/07/blockchain-social-media-steemit-hit-with-cyber-attack-investigation-underway/ Blockchain Social Media Steemit Hit With Cyber Attack ; Investigation Underway] ''Written by unsigned, published in 7/15/2016''
 +
* '''Cryptocoins News''' : [https://www.cryptocoinsnews.com/blockchain-social-platform-steemit-suffers-cyberattack/ Blockchain Social Platform Steemit Suffers Cyberattack] ''Written by Samburaj Das, published in 7/15/2016''
 +
* '''Bitcoinist''' : [http://bitcoinist.com/aaaaannnnd-its-gone-steemit-has-been-hacked/ Aaaaannnnd it's gone: Steemit has been hacked] ''Written by Frankenmint, published in 7/14/2016''
 +
* '''Altcoin Today''' : [http://www.altcointoday.com/steemit-hacked/ Blockchain Based and Incentivized Social Platform Steemit Hacked] ''Written by unsigned, published in 7/14/2016''
  
 
== In other languages ==
 
== In other languages ==
  
 +
* [[Bahasa Indonesia]] (Indonesian): [[Serangan Siber]]
 
* [[日本語]] (Japanese): [[サイバーアタック]]
 
* [[日本語]] (Japanese): [[サイバーアタック]]
  
Line 56: Line 75:
 
<br>
 
<br>
  
[[Category:Event]] [[Category:Security]] [[Category:Steemit]]
+
[[Category:Security]] [[Category:Steemit]]

Latest revision as of 10:30, 20 March 2019

Cyber Attack in Steemit context refers to a steal attack suffered on Steemit weeks after the official launch and first tokens distributions in July 4th, 2016.

In the attack, as annouced by Steemit, Inc CEO Ned Scott in July 14th, 2016, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.[1]

According Softpedia News who first noticed the attack was steemian The Dragon Slayer (@dragonslayer109). He reported mysterious transactions that transferred funds from his account to another Bittrex account, one of the Steem Exchanges that allow users to withdraw Steem Dollar (SBD) as Bitcoin.[2]

The hack was quickly contained. Users whose accounts were compromised were completely reimbursed. Ned Scott updated the situation in July 15th, 2016: “Within the next 48 hours, Steemit will begin to allow all newly secured accounts to reset their passwords simply by logging in with the same Facebook or Reddit credentials that were used to register in the first place. This easy process will work for the vast majority of the potentially compromised accounts. All of these account holders will regain full access to their funds and their original account name.”[3]

Steemian @steemed commented that the Steem protocol itself (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. It was a website hack where a hacker stole funds and account credentials.[4]

An attractive target

At that time Steemit had seen an explosive growth over the previous two months with the number of users increased by record-breaking 3,200%. According to the estimations in July 13th, the Steem Tokens had reached the third place in market capitalisation after Bitcoin and Ether, jumping from $13 to over $250 million in only 10 days.[4]

Distributed Denial-of-Service Attack (DDoS)

Coincidentally or not, right after the company made the fixing announcement, a DDoS attack hit its servers. Steemit, Inc used this attack to bring down its servers for maintenance and upgrade Steemit service by adding something it called "blockchain-based multi-factor authentication," to boost account security even more.[2]

In July 21st, 2016, an article published in The Merkle annouced that Steemit platform resumed operations and compared with a similar issue faced by Ethereum community when managed to hard fork and refund the extra Ether sent in the last days of The DAO creation period.[5]


References

  1. Important Security Announcement: Steemit CEO Ned Scott Signed by Ned Scott and published in @steemitblog profile on Steemit in July 14th, 2017
  2. 2.0 2.1 Steemit Social Network Hacked, User Funds Stolen, DDoS Attack Ensued Written by Catalin Cimpanu on Softpedia News in July 18th, 2016
  3. First Update to July 14 Security Announcement from Steemit CEO Ned Scott Signed by Ned Scott and published in @steemit3 profile on Steemit in July 15th, 2017
  4. 4.0 4.1 Steem is hacked! $85,000 reportedly stolen Written by Diana Bogdan and Svetlana Nosova on Coinfox in July 14th, 2017
  5. Steemit Platform Resumes Operations Written by Eduardo Gómez on The Merkle in July 21st, 2016

Links

Related articles

External links

In other languages




Help keep this wiki page updated. Register, click in edit, add or modify the text and save.
If you're already a steemian you can be rewarded with STEEM, see how in @steemcenterwiki.