A Sad Steemit Day: My Account Was Hacked!!!

in hack •  5 months ago

Some devil hack my Steemit account and withdrew my earnings to @bittrex. I hope he goes to hell, literally!

So today I woke up doing my routine which is going to Discord and browsing through the notifications of @ginabot when I stopped in a Coin Transfer notice. Still feeling sleepy, my brain processed this awful information for a minute before reality hit me that my hard-earned SBD and Steem was withdrawn by an unauthorized user. I was mortified and can't believe what just happened.Some crypto devil withdrew all of my earnings!

IMG_20180314_201227.JPG
Ginabot notified me of the unauthorized withdrawal.

IMG_20180314_201331.JPG
Very traumatic!

I don't have a Bittrex account and I have not made any withdrawals for the month. I literally cried my heart out while typing furiously to different Steemit group chats both in Discord and Messenger asking members for help. Sir @iyanpol12 came to my rescue first and helped me analyze the situation asking me if there is a power down schedule (thankfully there was none) and said that I should change my password. I immediately did change my password but still hoping my earnings will be retrieved. Members of my #steemitfamilyph responded too and they checked my account. Sir @kennyroy, sir @wagun001 and sis @ankarlie helped me also in my situation. Sir @kennyroy and sir @wagun001 asked me to email and message @bittrex which I did and hopefully I can recover what I loss.

My Hunch On How A Hacker Got Hold of My Account

Screenshot_20180314_200836.jpg
This is the Dummy DTube App on Google Playstore.

Last Sunday, I got curious about @dtube so I search for an app on Google playstore and found one that was run by. I opened it and I signed up using my master key password on my Steemit account (yes, I know very wrong move!). After registering, I browsed through the DTube app and was confused because I can't do anything with it, not even uploading my own video. I search for the accounts of my co-Steemians who I know uploads videos through DTube also but nothing appears. This gave me cold sweat and I felt afraid because it struck me that this could be a phising app or something and so, I uninstalled it. Bad move that I didn't thought of changing my password after uninstalling which led me to this awful scenario.

What I did? I left a bad review on the app because of what happened to me. Gosh, there was also a bad review before me saying the app was a scam but I didn't listen because I thought it was still legit since the moderator replied.

IMG_20180314_201411.JPG
Apparently, I'm not the only who experience being hacked by the Hacker DTube App.

IMG_20180314_201509.JPG
This proves that I'm not the only one and this is not an isolated case.

Screenshot_20180314_200806.jpg
This looks like dummy accounts too made by the hacker to leave positive reviews on the app which is totally a lie!

Being hacked is very frustrating!

Now, I am traumatized.

Yes, that's what I felt. I felt used and abused. Nothing beats being hacked in making a person afraid and lose confidence in the platform. I don't want to feel this way but I can't help it. I mean, this is actually my first time getting hold of cryptos (Bitcoin on default, of course) and enjoying and loving it but now I have fear.

I hope that hacker gets a taste of his/her own medicine.

Now, I am still hoping I can retrieve my SBD and Steem. I am also pleading to @surpassinggoogle, @steemgigs, @teamsteem, @beanz, @paradise-found and other witnesses and whales to help me in retrieving my earnings.

I read an article by @simplymike which was all about the things he learned from being hacked. The only good news on this is that the hacker did not changed my password so I have the chance to change it. I am also asking for help to @deliberator, @penderis, @wilfredn, @bashadow from #newbieresteemday to help me also.

IMG_20180314_204938.JPG

To all Steemians, NEVER SHARE YOUR PASSWORD TO ANY THIRD PARTY WEBSITES!

The only thing I can do now is to hope everything will turn out positively.

emdesan (1).png

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

This is indeed very sad and truamatic. I hope you are able to withdraw your earnings. Is there no way the bittrex account can be blocked and the owner fished out?
So many phishing website out there. Everyone should be careful on given private key to third party site.
Very sorry about your loss

I'm so sorry, that this happened to you! I really hope, that these scammers will be caught and get punished for it. At least you got a new follower with me and I hope, that your rewards from this post alone will compensate your loss. All the best! 🙏

I am sorry to hear this happened to you.

SUGGESTION: Go back into your app store and go to the page for the app. Instead of donwloading it again, scroll all the way down to the bottom of the page and "Flag As Inappropriate." When the choices appear, select "Copycat or Impersonation" so that Google Play will know it is a scam! I just flagged them, too, and if enough of us do it, they WILL do something!

·

Thanks for the tip! I already flagged it.

·

Flagged as per your suggestion.

·

It's a shame I can't resteem comments, because this one deserves a lot more upvotes than it currently has!

Hi @emdesan55, I'm really sorry to hear that you've been a victim of a phishing attack. Unfortunately, I don't think there's much you can do to get the money back without tracing the payment back to bittrex and successfully identifying the hacker by their bittrex account But this will be hard to do.

Others may have more innovative ideas as to how we can help you to retrieve the lose Steem/SBDs, so I leave the floor open for them to discuss it. At this point, my opinion is that you should think of the loss of ~25% of your account value as the cost of a lesson in security, and take steps to protect your account further! For example, you should never log in with your password, but instead with your posting/active keys as needed.

I know that this comes too late and it won't change what has already happened, but better a small loss now than a bigger loss in the future!

·

You are right. Thank you for your kind words @wilfredn. Good thing I was also notified by @ginabot.

·

Maybe tracing the hacker by his Google play account would be more effective than tracing it back through bittrex?

I'm not sure if it would lead back to the hacker, but Google must keep some record of who uploaded that dummy app.

@emdesan sorry to hear. Remember to use the Savings function if you hold more than 20 STEEM or 20 SBD. Your steem power is safe due to 1/13th withdrawal per week and Savings have a holding time of 3 days. This can prevent immediate transfers out of your account. Hope this helps :)

·

Yes, thanks for the information. This really helps and I will follow your tip

Sad situation to hear about. Be aware there are so many phishing scams nowadays. The key thing to remember is to ensure that you are signing in through SteemConnect or officially through Steemit.com and always be careful who or what you are sharing your credentials with

·

Yes, I learned my lesson now and I will limit exploring on third party websites too

Reading through, i cant say i know how you feel, but i know its disheartening and painful, who ever is behind this would get a full bite of his own medicine. Not just a taste. Thanks to this i hope people won’t fall victim.
Sorry once again.

·

Thank you for your support. It was heartbreaking for me but I want to share with you all because that is what the least I can do to stop this hacker from victimizing other people.

I am so sorry for your loss. I sincerely hope that you get your Steem and SBD dollars back. Thank you for speaking up and sharing your experience. I learnt a lot of lessons from this. One that stuck with me is about downloading Steem based apps from Google Playstore.

At the moment, I only have two apps installed on my phone that are Steem based - Steepshot and eSteem. It took me days to deliberate and read every article on Steemit that endorsed those apps as being genuine. Not just any articles, but articles from trusted and verified sources. Even at that, I am still careful when logging into these apps.

I sincerely hope and wish that the Steem team comes up with a solution to this.

·

I also hope to get back what I loss but that looks impossible now yet I am still positive about what happened now becausd I realized my experience can help many Steemians to be aware and careful all the time. I do hope Steemit will take this issue seriously and make actions to stop scammers.

I am very sorry to hear of your loss, unfortunately this world has very bad people that want to gain off the sweat of others.Thank you for sharing your story which should serve as a lesson to everyone. Lets pray that the people at bittrex can trace the transactions using the memo numbers and reverse them OR at-least explain which account withdrew it. Good luck @emdesan wishing you all the best :)

·

Thank you for your support. I hope Bittrex can really help me trace what account stole my earnings.

This is a very sad experience. In this time of great security breaches, one needs to be very careful with third-party sites and applications. They may look cool and nice on the surface, but beneath is all sorts of evil. I feel for you my sister. Very sorry you found out the harf way. But do not be discouraged. Am happy you still had the opportunity to change your password and maintain access to your account. Everything that goes around comes around. The evil mind behind your problem will not go unpunished. Dont givr up. We stand together with you in this time of great test. Together, we can excel! Take heart my dear and take good care of yourself.

·

Thank you for your kind words, reading your comment really uplifted my spirit! You are right that they will receive their karma soon and I hope they get tot taste their own medicine so they know how it feels. You have helped me to think positively and never stop steeming. Thank you!

Feel sorry for you sis. Grabe.. sna mag response ang Bittrex team.

·

Sana nga sis.. hoping

thank you for the warning/information and i hope you get back your hard earned sbd and steem....

Sorry to hear that. Thanks for sharing your experience...

Let's start again and hope everything is okay now. I'll resteem your post so that other steemians can swim carefully.

·

Yes, do resteem so everyone will be aware.

The content has written so good.

·

I hope to make everyone aware of the DTube scam app.

Yes, seems like that app is a fake. Recently I looked for a Busy.org app and I found it on google playstore. I downloaded it, but then I realized that nobody announced that there will be an app like this. So I immediately deleted the app, because it's also a scam.
Sorry for your loss, but at least you're getting some nice upvotes on this post.!

o-oh, that's bad and I'm sad to hear it. I hope it gets well. Thank you as well for the heads up.

ohh very careful the next app follow now

Oh no!! 😱😱😱
Thanks for the heads up!!
I will never download that app... Good thing I read this post first before doing that..

Aww... It's sad but..
It's just a bad day, not bad life...
It's never too late to start all over again 😉

·

Yes never download that app.. It was a very traumatic experience

·
·

I don't know if I have the fake one or the real one. :(
Joy

·
·
·

Just do not leave SBD nor Steem in your wallet. Power Up or Transfer to Savings so in case of hack hacker can't steal them right away.

·
·
·
·

I figured the waiting period to power down was good.
@null hacked me...check out the wallet. This was 2 mos ago for just .10 sbd. Oh well. Thank you so much @pinay
Joy

·
·
·
·
·

YES. If you plan to withdraw in fiat in less than 3-7 days better sell SBD to ETH and hold it there than hold in SBD wallet. I also installed Sophos antivirus because it alerts if there is a threat. 🙂

I'm so so sorry. I really hope the whales are able to help

OMMG!!!!! are u alive ?

This is so sad. :( Thanks po for sharing this!

so sad for you. feeling very bad.

·

I also felt bad about the situation but I hope you learned something from it.

This is so sad. :( Thanks po for sharing this!

That's very sad. Contributing my 2 cents by a very small up-vote. I hope you get your money back. Just wondering why did you keep your SBDs as is. Why did you not convert them to Steem power ? Would have been saved due to the power down settings.

·

Yes, that's what I've been thiking too. But I will open a wallet in coin exchange similar to bittrex so my sbd can't be stolen anymore.

·
·

I prefer to sell and keep in BTC and ETH wallets if not Power Up. Coins.ph requires Google Authenticator codes.

Binance is safer than Bittrex I guess because Binance requires Google Authenticator codes to withdraw but fee is quite high. I am not sure if Bittrex do the same now. :)

I always enable 2 Factor Authentication.

·
·

Just FYI. Wallets on exchange are not safe either. In fact they are more prone to attacks. Just be careful with that.

oh my god this is true.

Screenshot_2018-03-14-20-12-26-622_com.discord.png

just this morning I got a message from my friend.

·

Oh my! Hope this hacking will stop soon

·
·
·

What we should do is to NEVER leave our earnings at SBD and Steem wallets aside from using Posting key. Transfer to Savings or Power Up and better schedule cash outs on weekly basis. Or, if we plan to withdraw in fiat we can simply cash out SBD/STEEM and hold the funds at BTC and/or ETH wallets so we can withdraw any time. :)

I really feel sorry for you. I hope you get help from someone in time

Some steem is missing from mine too I think... I will try the @gina to find out. I hope everything works out. Thanks for the warning.
Joy

·

Yes,register to @ginabot on Votu Discord.

Damn it's really saddening to hear all this

Such an awful experience. Am sorry for your loss and am glad you shared so that newbies like us can learn and avoid making similar mistakes. in all I urge you not to give up on this platform.

I m really sorry about that. Lesson for all of us not to trust anyone
Hackers can only take what is in ‘liquid form’ meaning sbd and steem. Thats why i convert everything in steem power....
I wish you have a happy ending in this story

So sorry for your loss :( this shouldn't happen to anyone. It's our hard earned money, y would some beggers will get hold of it!

Sorry to hear you got hacked, and glad to see you have access to your account.
This phising attack is serious business. Some smart hackers are at work... I see new people fall victim every day.
That’s why it’s important to spread the message around.

Wow! I feel very bad because I don't have any experience or knowledge that might be of help.

It's great that you spoke out.

I'm very sorry for such a bad experience with scammers.

i am big fan of steemgigs
DQmSYF6kkEDUfjCyG7N2vv6QegwmMLAcs68cHWK9BBKf4WK_1680x8400.jpg

I have also encountered an attack yesterday through a comment link on my post.. So I changed my password right away.
Screenshot_20180314-142313.png

·

I will read your article sis. Hope I will be able to retrieve my SBD and Steem

·
·

is it ok sis if i comment my link post here so commenters will be aware also..

·
·
·

Ok sis.. Go lang!

·
·
·
·

Ok sis.. Hope this will help others also to be vigilant..

oh no so sad you can try to back your account

Sad mam @emdesan. I'm wishing for your quick recovery.

·

Me too sir :(

I am sorry for what has happened, I gave 3 100% upvotes, it is not much help, but I hope it helps a little bit.

·

Thank you for your support, I really appreciate it. Every vote is important for me as I will build again all of what I loss. As a Minnow, it is not easy but I will be positive about this

That dummy account commenting positive feedback could be your lead or could be culprit.

·

Hope they will experience karma!

may mga ganyan talagang tao na nabubuhay sa pag gamit o pagkuha ng pera na hindi naman nila pinaghirapan, Diyos na bahala sa kanila.

·

Yes po si God na bahala sa kanila pero sana makarma pa din sila. Grabe mamerwisyo! Nakakatakot!

Sorry to learn that. A debt of gratitude is in order for sharing your experience...

We should begin again and trust all is well at this point. I'll resteem your post with the goal that different steemians can swim precisely.

·

Thanks for the resteem, I hope no one falls victim again with that DTube App. It looks true and any newbie steemian cannot know the difference until they have entered their master key and see that you can't do anything with it.

No way!!!
I heard that a lot of Steemit users got their accounts got hacked in the past days. This is awful, isn't it?
And also there's a scamming site named steevit. It's 'V' instead of 'm'. Don't click the links you get without checking the URL

·

the one i ecountered yesterday was steemil. its "L" instead of "T".

·
·

This is a big probem!!!
Beep beep! Hackers everywhere!

·

Yup! Hackers nowadays are creative and full of tricks up their sleeves. We should all read first the links before doing anything or plainly don't click any links and manually type steemit in the web address bar.

·
·

Yup, you are right.

sis I'm so sorry
And Diyos na bahala sayo sis. ibabalik sayo yan
doble pa dyan, hinga malalim.
Kaya yan, nakaka high blood pero kaya mo yan.
upvoted 100 %

·

Thanks sis.. Salamat sa suporta at upvote mo para mabawi ko yung nawala sakin. Naiiyak pa din ako sis pero kinakaya ko na ngayon. Iniiskp ko nalang din na walang pagsubok na binibigay si God na hindi natin kaya so fight lang!

This is why I never hold even CENTS on my SBD and Steem wallets. I always "Transfer to Savings" or "Power Up" so in case of hack hacker can't steal them right away.

I also change my password from time to time especially when I use android even no hack happened. I only use my generated password at SteemConnect and I use a separate browser on android exclusive for busy/SteemConnect. I feel more secure using iOS but since I heard of these hackers I only login using my POSTING key even on eSteem app. I am also using Sophos antivirus on android, it warns if there is a threat.

Walang patawad mga hackers na yan kahit kapiranggot ninanakaw. Yung isa ngang nabiktima matindi yata trauma pati yung comment ko with steemgigs footer flagged nya akala siguro hacker na rin steemgigs.org kaloka naflag ako dahil sa steemgigs parang matindi hangover nun sa hacker 😅

·

Hehe naflag ka sis dahil sa steemgigs footer? Kakatrauma din kasi sis pag nahack e first time ko pa naman din na experience to kasi bago bago lang din ako sa cryptos and such. Salamat sa tips sis. Ngaun ang gagawin ko nalang Transfer to Savings Or Power Up para mahirap kunin SBD at steem ko at change master key password once a month the least. Naiiyak pa din ako sa nangyari sakin. Lesson learned.

·
·

Nakakaawa nga na nakakatawa yung biktima ng steewit @ good-kama kasi kahit ako di ko agad napansin na walang "r" akala ko inaakusan nyang hacker si witness good-karma buti naliwanagan ako sa comments ng iba kulang pala isang letra 😂 malamang kung minalas malas ako napaclick din ako at nabiktima na rin kasi labo ng mata ko 😂

First time nya siguro mabasa steemgig.org kaya kala hacker din ako. Binawi ko nga 0.01 ko at mute ko hahaha pero obvious na engot pa rin binigyan pa ako chance na idelete ko comment ko na flagged nya kasi hindi nagcomment. Pag wala kasi nagcomment pwede pa madelete post/comment. 😂

·
·
·

Hindi na nga pde maging kampante ngayon sis.. kelangan alisto tsaka binabasa talaga lahat

You'll get through this sis and bounce back stronger!! And always be careful.. @emdesan

·

Thank you sis. Yes, I learned a lot from this mistake. I hope no one else experience this...

Grabe,napaka walang naman awa yung gumawa nyan :( pinagsikapan mong ipunin tas nanakawin lng pala. Thanks for the warning , I hope you can get back what you have loss.

·

Oo nga nga walang konsensya mga hackers ngayon kahit yung ultimong cents kinuha nila

I'm suffering with you today. We rise again together tomorrow!!
Love you my dear friend @emdesan!! Bear hugs!!

·

Thank you sir for your support! I really appreciate it. Yes, we will rise again and learn from this mistake..

So sorry to hear. :( I hope we can all upvote your money back!

·

Thanks for your support, it means a lot to me..

This is terrible. I am so sorry that this has happen to you and I hope that you can retrieve your earnings back.

awtz. sis , this is indeed nakakaloka, lesson na din to para sateng lahat , hayaan mo babalik sayo yan sis , siksik liglig umaapaw . 🙏

oh my! alot of hacking issues lately. Thanks for sharing @emdesan. I hope you would able to recover your hard-earned sbd.

Third party hell. What a shame. So sorry to hear, sis Em. Better things coming!!!

Damn them hackers!

Just hold on sis !! God is watching us , everything will be returned to you in some ways. Kaya yan sis babalik lahat yan:)

sorry about this sis sayang naman nakakalungkot pero di bale isipin nalang natin na sa ganong praan nalang nawala o nagasta ang pera kesa sa ibang dahilan pa... hugs thanks for the awareness

I really hope you get your hard earned money back. It's a very painful experience and I appreciate the warning. Also I read a blog that says putting your steem and SBDs into savings will at least delay the transfer for 3 days so you can take actions within those times. Also I'm not comfortable giving my password to any page as well. I hope everything goes well for you. You have my prayers. And guys let's be more careful out there. :(

My steemit account was also hacked last week,149 SBD lost and that is totally Hurting up to my bone marrow. he/she use blocktrades.. but if he used bittrex you can track that. ask if someone knows how to track the person who stole your SBD using the bittrex transfer.

I can just imagine your pain. Hope Steemit devs will come up with a better way to safeguard our accounts aside from abstaining using our master key

omg so sad to hear that I hope you get them back take care

So so sorry to hear of your lost. I can imagine what you went through. If this happen to me, I would not know why to go for help even if I want to. Thanks for sharing and I will remember not to share my password and account especially as I am not well versed with tech or IT.
I hope you get your SBD and Steem.

Sorry to hear this has happened to you and we hope karma goes around to them for doing what they did.
Our little upvote will help you retrieve what you lost. Hopefully, more will come to your aid 😊

✈️👫

damn. phishing site it is. feel sorry for you fellow steemian. i don't think that it can be recovered but maybe with the help of some whales your payout to this post will be equal to amount of SBD that is hacked.

upvoted and resteemed for awareness of others

·

I hope those phishing sites will be taken down. Many Steemians are now victimized especially newbies. Thanks I do hope I can get back what I lost.

Can I write this on my blog? in Indonesian

·

Sure, you can translate it so more people will be aware.

oh dear this is painful 😞😖😭

·

Yes very painful!

Sorry to hear this. Im not saying anything but just to be giving you my tiny support at a 0.01 Vote. Get it over soon.

·

Thanks for the support.. This means a lot to me

I wish you overcome the loss and I love those people who helping you to recover the lose almost, hats off @surpassinggoogle for being selfless and very generous mentor. @emdesan dear please stay safe.

·

Yes, I thank @surpassinggoogle for taking hos time to answer my questions regarding my situation..

This is sad. Evils are everywhere. You are the second person I have heard of being scammed. I hope you will still get back your money.

·

Unfortunately, the money that was stolen is quite impossible now to retrieved but at least through my experience I made everyone aware about that scammer app.

·
·

At least the scammer didn't change your password. I read from a group chat that after she entered a link that was posted in the comment section on her blog, her account was hacked. Too many evils are lurking around.

Sorry @emdesan
My account also hacked by someone. I recovered.

·

That's good! Good for you. Those hackers should be banned here.

·
·

Right,
They have transferred my all earnings by a fishing site on they day before yesterday.
I have written all about their hacking procedure, that they applied for me.
I think, If we will conscious about our security, then they will not be able to trap us.

Sorry for your loss, @emdesan. Your hacker will not get away with this because there is such a word as "karma". He did evil, so he will reap evil too more than what he has done.

Hala! Grabe. Nakakalungkot naman.mam @emdesan

Ang daming budol talaga sa mundo. Pati pinaghirapan ng iba, pimaghirapan din nila kuhanin. Bakit di na lang gumawa ng account sa steemit tapos kumaibigan ng marami at magpost ng mga bagay na may kabuluhan para maupvote yung gawa nila at makapagwithdraw sila ng SARILI nilang SBD.

Hayaan mo, naniniwala ko sa karmang malupet. Kapit ka lang at wag panghinaan ng loob.

Tuloy lang natin dito ang gawaing mabuti. :)

God Bless po!

@smafey

hala grabe naman sis....basta ipagpray natin sis maaayos din lahat yan...sorry to hear about this sis @emdesan...

I am sorry to hear this. I can not understand, how this kind of spywares can be uploaded to a great appmarket like playstore?

hahahah !

This is terrible!!!

I am really sorry to read this and I hope in some way you are able to get some if not all your funds back.

Chin up and good luck :-)