Investigation Reports : Who is @molly2!!? How did hacker get access to your wallet?
Hello Steemian,
Hope all are well. First, check your wallet to make sure that your assets are safe or you are affected by the @molly2 attack. I think you already familiar with the name of this @molly2 who has taken around 2,844.696 steem and 469.322 SBD from 273 wallets including mine. 125.396 sbd and 136.649 steem had been hacked from mine(@tarpan) and my community wallet(zero-to-infinity) by this @molly2 hacker.
We all are wondering who is this @molly hacker? How did he/she/they got access to your wallet? Before going with that let check those wallets' history whose assets have been robbed by @molly2.
This @molly account had created 11 days ago. The next day, it has started its silent robbing and its noticed by @focusnow when it robbed my wallet just two nights ago. Now I will show you my investigation report on all of these wallets which had been hacked by the @molly2. First, start with the beginning date 08/04/2021 when @molly2 attacked started.
I have organized this section into 4 categories.
- At first, I organized those who are from Bangladesh,
- Second rearrange those who are old and had given the authority to any Dapp. The fundamental focus is indicating common Dapp of all accounts. I chose the most common Dapp among those accounts.
- Third, The account those who are old but never given the authority to any Dapps.
- Fourth, Totally new accounts, created after the hardfork.
Date :08/04/2021
When @molly2 started hacking, first it has taken assets from @pes7md and @rromian, then most of the initial accounts were hacked from Bangladesh.
The Account from BD:
On the first day, almost 33 Bangladeshi accounts had been hacked by @molly2. The astonishing part is half of these accounts had transfer records with one account before hacked. So, I divide this list into two parts. One part is which has a transfer record with one common account and another which have connection with multiple account or doesn't have any transfer record.
Both parts have three sub-part.
- The accounts created before hardfork and given authorization to any Dapp.
- The accounts were created before hardfork and don't give any authorization to any Dapp.
- The Accounts created after the hardfork.
Transfer Records With Common Account
Victim | account age & created year | Authorise to Dapp | Country | Transfer |
---|---|---|---|---|
@aknirob1 | 31 month/2018 | @smartsteem | bd | @ak-nirob |
@ekpzu | 26 month/2019 | busy.app | bd | @dongkong |
@alaiakaabdullah | 26 month/2019 | steempeek | bd | @dongkong |
@aknirob | 32 month/2018 | steempeek | bd | @asifkhannirob |
@mridul12 | 35 month/2018 | steemauto | bd | @dongkong |
@anddal | 26 month/2018 | steemauto | bd | @dongkong |
@johjandri | 38 month/2018 | steemauto | bd | @ak-nirob |
@leonardtd | 43 month/2017 | steemauto | bd | @ak-nirob |
@asifkhannirob | 23 months/2019 | steemauto | bd | @dongkong |
@steemus-bot | 37 months/2018 | steemauto | bd | @ak-nirob |
@steem-us | 38 month/2018 | steemauto | bd | @ak-nirob |
@yousuf001 | 38 month/2018 | steemauto | bd | @ak-nirob |
Before hacked, remarkably all of these accounts are more than one and a half years old and all of them are related to one single account. Because @ak-nirob, @asifkhannirob both account had directly transferred to @dongkong.
Victim | account age & created year | Authorise to Dapp | Country | Transfer |
---|---|---|---|---|
@foodmaker | 358 days/2020 | steempeek | @dongkong | |
@xtreamgaming | 362 days/2020 | steempeek | bd | @dongkong |
@hive-142901 | 307 days/2020 | steempeek | bd | @ak-nirob |
@naturecreations | 360 days/2020 | steempeek | bd | @dongkong |
All of these 4 ids are less than one year old and all of them were created before steem hard fork. Before hacked, also, these ids have a transfer record to @ak-nirob and @dongkong.
Victim | account age & created year | Country | Transfer |
---|---|---|---|
@trafans | 274 days/2020 | bd | @dongkong |
@ashik88 | 281 days/2020 | bd | @itzsah |
But these two accounts had been created july 2020. Both account is related to @dongkong. They never gave any authorities to any Dapp but still they got hack.
Other Accounts
Victim | account age & created year | Authorise to Dapp | Country | Transfer |
---|---|---|---|---|
@steemit.teacher | 38 month/2018 | busy.app | bd | multiple |
@rahulrana | 38 month/2018 | busy.app | bd | |
@hridoy1998 | 36 month/2018 | bottracker.app | bd |
@steemit.teacher has multiple account transfer records.
Victim | account age & created year | Country | Transfer |
---|---|---|---|
@sherin | 42 months/2017 | bd | multiple |
@rw-cryptofit | 35 months/2018 | bd | |
@farabishihab | 35 month/2018 | bd | |
@akterh42024 | 41 months/2017 | bd | |
@khansohel | 34 month/2018 | bd | |
@nafisulbari | 38 month/2018 | bd |
Before hacked, all of these accounts never had any transfer records accept @sherin. @sherin has a records of multiple transfer.
Victim | account age & created year | Country |
---|---|---|
@masum2003 | 303 days/2020 | bd |
@shotss | 274 days/2020 | bd |
This two account had been created after the hardfork and don't give any permission to any Dapps. Moreover these accounts never had transfer records before stole by @molly2.
The Account from other countries:
Old and had given the authority to Dapps
Victim | account age & created year | Authorise to Dapp |
---|---|---|
@pes7md | 52 months/2016 | steemauto |
@rromian | 41 months/2017 | steemauto |
@vampirgarfield | 37 month/2018 | steemauto |
@crypto4euro | 39 month/2017 | steemauto |
@cryptobeginner | 38 month/2018 | steemauto |
@callme | 40 month/2017 | steemauto |
@kweephyo | 37 month/2018 | steemauto |
@brightdhykseen | 45 month/2017 | steemauto |
@certifiedgee | 27 month/2019 | steemauto |
@drawingwithflare | 45 month/2017 | steemauto |
@haneun | 46 month/2017 | steemauto |
@deveerei | 46 month/2017 | steemauto |
@flamered | 42 month/2017 | steemauto |
@bayanihan | 43 month/2017 | steemauto |
@philippinetrail | 46 month/2017 | steemauto |
@artguildph | 40 month/2017 | steemauto |
@grazz | 46 month/2017 | steemauto |
@engrbev | 39 month/2017 | steemauto |
@dwin0603 | 40 month/2017 | steemauto |
@dosorio5 | 34 month/2018 | steemauto |
@sohelsarowar | 32 month/2018 | steemauto |
@ludwing | 33 month/2018 | steemauto |
@ibrahim-ats | 44 month/2017 | steemauto |
@hasim5164 | 42 month/2017 | steemauto |
@megustaofficial | 37 month/2018 | steemauto |
@henryglowz | 35 month/2018 | steemauto |
@whatsup01 | 39 month/2017 | steemauto |
@samstix636 | 39 month/2017 | busy.app |
@john-unasa | 42 month/2017 | busy.app |
@freshstuff | 46 month/2017 | busy.app |
@mcknight.lee | 38 month/2018 | busy.app |
@ultimatesupport | 33 month/2018 | busy.app |
@irfanfuadi | 38 month/2018 | busy.app |
@ahyazya | 38 month/2018 | busy.app |
@alia07 | 38 month/2018 | busy.app |
@bitcoinnews24 | 19 month/2019 | busy.app |
@fragenstein | 36 month/2018 | busy.app |
@opanyin | 51 month/2016 | busy.app |
@kpd-244 | 41 months/2017 | busy.app |
@mimidiamond | 42 month/2017 | busy.app |
@creativestreet | 32 month/2018 | busy.app |
@kcire | 42 month/2017 | busy.app |
@blisstube | 36 month/2018 | busy.app |
@fahim12 | 36 month/2018 | busy.app |
@khaidi | 43 month/2017 | busy.app/utopian.app |
@shamrozgill | 40 month/2017 | smartsteem |
@toothrot | 19 months/2019 | smartsteem |
@younesshilal | 43 month/2017 | smartsteem |
@clubmillionaires | 36 month/2018 | smartsteem |
@death00 | 39 month/2017 | smartsteem |
@bandmxo88 | 38 month/2018 | smartsteem |
@cruzeiroweb | 37 month/2018 | dlive.app |
@cryptodawny | 38 month/2018 | dlive.app |
@pacuer123 | 35 month/2018 | dlive.app |
@johnyelland1234 | 26 month/2019 | bottracker.app |
@ufukozer | 32 month/2018 | bottracker.app |
@adilraj | 35 month/2018 | bottracker.app |
@highvibesoul | 38 month/2018 | dtube |
@tralol | 32 month/2018 | dtube |
@nihardx | 40 month/2017 | dtube |
@cyruscoins | 39 month/2017 | dtube |
@zulfikar | 51 month/2017 | dtube |
@baidawi88 | 44 month/2017 | dtube |
@marcosrepresas | 28 month/2018 | dtube |
@tsklk | 40 month/2017 | dtube |
@miskoozi | 42 month/2017 | dtube |
@johnesan | 39 month/2017 | utopian.app |
@barut | 40 month/2017 | utopian.app/steemauto |
@premraval010 | 41 months/2017 | utopian.app |
@adisonnino | 40 month/2017 | esteemapp |
@sultannizam24 | 38 month/2018 | esteemapp |
@algigs | 52 months/2016 | esteemapp |
@waihinoo | 40 month/2017 | esteemapp |
@amkn6590 | 24 months/2019 | steempeak |
@popcorn2real | 38 month/2020 | steempeek |
@step91 | 25 month/2019 | drugwars.app |
@rafasays | 39 month/2017 | drugwars.app |
@michal.szwajcar | 39 month/2017 | partiko-steemcon |
@sandun-udara | 43 month/2017 | partiko-steemcon |
@bryanlornemez | 39 month/2017 | ntopaz-artisteem |
@wildanze | 37 month/2018 | @steem.app |
@chr0nix | 39 month/2017 | dmania.app |
@le0nard | 37 month/2018 | dlive.app |
@djbravo | 29 month/2018 | dlike.app |
@meechit | 40 month/2017 | streemian |
@edirosado | 38 month/2018 | fundition.app |
Old but never given the authority to any Dapps
Victim | account age & created year |
---|---|
@mcwillgo | 16 month/2019 |
@therdm000 | 55 month/2016 |
@reginalddikobe | 43 month/2017 |
@ibrahimaidoo | 38 month/2018 |
@pewe | 37 month/2018 |
@suraj3 | 45 month/2017 |
@artofuna | 38 month/2018 |
@theajay47 | 33 month/2018 |
@mahabubalam | 43 month/2017 |
@bobbydraxler | 36 month/2018 |
@dammyblake | 34 month/2018 |
@itsmejulz | 44 month/2017 |
@mnsaziz | 33 month/2018 |
@arslanahmadbwp | 39 month/2017 |
@bgmss84 | 28 month/2018 |
@leechunhung | 39 month/2017 |
@uwimanacedrick | 34 month/2018 |
@one-autumn-leaf | 46 month/2017 |
@karlandreina | 33 month/2018 |
@henryu28 | 38 month/2018 |
@norabravo | 35 month/2018 |
@yocoima | 34 month/2018 |
@loki621 | 44 month/2017 |
@junayed123 | 33 month/2018 |
@peterbeggars | 45 month/2017 |
@reynaldomarles | 25 month/2019 |
@cloak.blog | 46 month/2017 |
@dante14k | 55 month/2016 |
@samehshalaby | 45 month/2017 |
@choryspartan | 31 month/2018 |
@eskondell | 42 months/2017 |
@cariuang15 | 36 month/2018 |
@nellyjuwitasari | 43 month/2017 |
@amyra | 36 month/2018 |
@anish | 57 month/2016 |
@nitinpawar | 41 months/2017 |
@digvijacha | 38 month/2018 |
@l-bedbug-l | 45 month/2017 |
@cryptoarun | 39 month/2017 |
@rohitk | 42 months/2017 |
@alflo | 48 month/2017 |
@rsojh144 | 39 month/2017 |
@aidonwan814 | 18 months/2019 |
@jacinta91 | 37 month/2018 |
@therichprof | 39 month/2017 |
@vic-thor | 37 month/2018 |
@fusingaardvark8 | 40 month/2017 |
@hakan0356 | 48 month/2017 |
@cofri | 39 month/2017 |
@dank-crypomemes | 44 month/2017 |
@irfanrashidpro | 45 month/2017 |
@jim.beatz | 36 month/2018 |
@burakaydin | 45 month/2017 |
@breserkest | 42 months/2017 |
New Accounts and less than one years old
Victim | account age & created year | Authorise to Dapp | Hive account exist with the same Username |
---|---|---|---|
@itzak | 296days/2020 | steempeek | yes |
@huangg | 304 days/2020 | steempeek | yes |
@monmoy | 306 days/2020 | steempeek | no |
It is clearly seen that, majority of the hacking has done in 08/04/2021. In this day 177 accounts wallets assets has been stolen by @molly2.
Date :09/04/2021
Old and had given the authority to Dapps
Victim | account age & created year | Authorise to Dapp |
---|---|---|
@sephirods | 39 month/2017 | steemauto |
@donasys | 27 month/2019 | steemauto |
@the-gate-keeper | 43 month/2017 | steemauto |
@poorsage0725 | 37 month/2018 | steemauto |
@sentanu74 | 35 month/2018 | steemauto |
@m03kr1 | 35 month/2018 | steemauto |
@rajmolo | 33 month/2018 | steemauto |
@permanayogi | 35 month/2018 | steemauto |
@jimbun | 33 month/2018 | steemauto |
@steem-africa | 38 month/2018 | steemauto |
@reynoriega | 38 month/2018 | steemauto |
@juliolezama | 41 months/2017 | steemauto |
@muh-isa | 45 month/2017 | steemauto/ utopian.app |
@peacegeneration | 46 month/2017 | @steem.app |
@sakib07 | 40 month/2017 | @steem.app |
@imawesome1260 | 33 month/2018 | partiko-steemcon |
@adolforivas42 | 31 month/2018 | minnowbooster |
@chuavincent | 43 month/2017 | drugwars.app |
@akash1234 | 44 month/2017 | esteemapp |
Old but never given the authority to any Dapps
Victim | account age & created year |
---|---|
@digitalexchange | 45 month/2017 |
@anubis68 | 27 month/2019 |
@gendoukun | 37 month/2018 |
@prieto | 45 month/2017 |
@faaavila | 38 month/2018 |
@lunacohen | 38 month/2018 |
@lunarstica | 38 month/2018 |
@gtomasif | 38 month/2018 |
@bividelosangeles | 38 month/2018 |
@nelsito | 51 month/2017 |
@deethedon | 45 month/2017 |
@thunderox | 27 month/2019 |
@munir2299 | 36 month/2018 |
@lordsalvin | 45 month/2017 |
@mrazi | 44 month/2017 |
@thejobber | 38 month/2018 |
@surendramaharjan | 44 month/2017 |
In the next date, 09/04/2021 the @molly2 has hacked 36 accounts and all of these accounts are more than 1 year old. Among those 17 accounts didn't give any access authority to any Dapps. This 2 days @molly2 has stolen 330.96 SBD and 814.886 steem all these accounts. Then transfer all the assets to @robertl13.
Date :11/04/2021 and 12/04/2021
Victim | account age & created year | Authorise to Dapp | Date |
---|---|---|---|
@younesshilal | 43 month/2017 | smartsteem | 11/04/2021 |
@clockworkhuman | 51 month/2017 | 12/04/2021 |
Date :14/04/2021
Victim | account age & created year | Authorise to Dapp |
---|---|---|
@murad06 | 41 months/2017 | steemauto |
@punkxer | 46 month/2017 | steemauto/ @utopian.app |
@yingclara | 44 month/2017 | steemauto/ @utopian.app |
@huanran | 43 month/2017 | steemauto |
@sundram | 34 month/2018 | steemauto |
@parkyingnam | 44 month/2017 | steemauto/ @utopian.app |
@eos-casper | 43 month/2017 | steemauto/ @utopian.app |
@diantbi | 44 month/2017 | steemauto/ @utopian.app |
@fannylucifery86 | 39 month/2017 | @utopian.app |
@kiming | 44 month/2017 | busy.app/ @utopian.app |
@nian99 | 44 month/2017 | busy.app |
@sundram1221 | 33 month/2018 | @steem.app |
Here , @murad06 is user from Bangladesh. This account has transfer history to multiple account.
Old but never given the authority to any Dapps
Victim | account age & created year |
---|---|
@phiber | 46 month/2017 |
@gexplode | 43 month/2017 |
@kassybaba | 45 month/2017 |
@hizmarheel | 33 month/2018 |
New Accounts and less than one years old
Victim | account age & created year | country |
---|---|---|
@saran97 | 201 days/2020 | bd |
Date :15/04/2021
Old and had given the authority to Dapps
Victim | account age & created year | Authorise to Dapp | Hacked 2nd time |
---|---|---|---|
@nihardx | 40 month/2017 | dtube | 2 |
@toothrot | 19 months/2019 | smartsteem | 2 |
@pes7md | 52 months/2016 | steemauto/ @utopian.app | 2 |
@vampirgarfield | 37 month/2018 | steemauto | 2 |
@crypto4euro | 39 month/2017 | steemauto | 2 |
@brightdhykseen | 45 month/2017 | steemauto | 2 |
@drawingwithflare | 45 month/2017 | steemauto | 2 |
@johnyelland1234 | 26 month/2019 | bottracker.app/ partiko-steemcon | 2 |
@chr0nix | 39 month/2017 | dmania.app | 2 |
@premraval010 | 41 months/2017 | utopian.app | 2 |
@meechit | 40 month/2017 | streemian | 2 |
@algigs | 52 months/2016 | esteemapp | 2 |
@mimidiamond | 42 month/2017 | busy.app | 2 |
@fragenstein | 36 month/2018 | busy.app | 2 |
@opanyin | 51 month/2016 | busy.app | 2 |
@madcool | 45 month/2017 | busy.app | |
@edulan | 38 month/2018 | steemauto | |
@figophyolay | 45 month/2017 | steemauto | |
@muhammadrazi | 45 month/2017 | esteemapp |
Old but never given the authority to any Dapps
Victim | account age & created year | Hacked 2nd time |
---|---|---|
@therdm000 | 55 month/2016 | 2 |
@aidonwan814 | 19 month/2019 | 2 |
@fusingaardvark8 | 40 month/2017 | 2 |
@pewe | 37 month/2018 | 2 |
@sesiah | 50 month/2017 | |
@mraj74 | 47 month/2017 | |
@kingo | 54 month/2016 | |
@emprenin | 57month/2016 | |
@spy.sitarenios | 47 month/2017 | |
@kyulri | 16 month/2019 | |
@misoon | 16 month/2019 | |
@moonsupark | 48 month/2017 | |
@nunzio | 48 month/2017 | |
@amynmajid | 47 month/2017 | |
@ceauvalh | 45 month/2017 | |
@noximus | 57 month/2016 | |
@fredimadg | 48 month/2017 |
On 15/04/2021, @molly has taken assets from 36 accounts. Among these 36 accounts, 19 accounts have been hacked second time in a week. The account @therdm000 has been hacked 3 months ago by @robertl13.
Date :16/04/2021
Old and had given the authority to Dapps
Victim | account age & created year | Authorise to Dapp | Hacked 2nd time |
---|---|---|---|
@peacegeneration | 46 month/2017 | @steem.app | 2 |
@chuavincent | 43 month/2017 | drugwars.app | 2 |
@imawesome1260 | 33 month/2018 | partiko-steemcon | 2 |
@adolforivas42 | 31 month/2018 | minnowbooster | 2 |
@whatsup01 | 39 month/2017 | steemauto | 2 |
@sentanu74 | 35 month/2018 | steemauto | 2 |
@permanayogi | 35 month/2018 | steemauto | 2 |
@pearly | 39 month/2017 | steemauto | |
@losmosqueteros | 38 month/2018 | steemauto | |
@steemhispano | 38 month/2018 | steemauto | |
@asunaxzelda | 35 month/2018 | steemauto | |
@arvindkumar | 45 month/2017 | steemhunt.com | |
@c10h15n | 38 month/2018 | dtube | |
@ibalmarwan | 47 month/2017 | dtube | |
@hutossy | 39 month/2017 | utopian.app | |
@steve1122 | 48 month/2017 | utopian.app/steempeak.app/steemauto | |
@zohaib336 | 34 month/2018 | steempeak | |
@realizeyes | 37 month/2018 | @dmania.app | |
@ichbinbesser | 37 month/2018 | smartsteem |
Old but never given the authority to any Dapps
Victim | account age & created year | Hacked 2nd time |
---|---|---|
@burakaydin | 45 month/2017 | 2 |
@money-talk | 47 month/2017 | |
@cvs04 | 55 month/2016 | |
@bemate | 54 month/2016 | |
@hadar | 50 month/2017 |
New Accounts and less than one years old
Victim | account age & created year | Authorise to Dapp |
---|---|---|
@zero-to-infinity | 43 days/2021 | steemauto.app |
@arifulislamabir | 261 days/2020 | steemauto.app |
@tarpan | 290 days/2020 | steemauto.app |
On 16/04/2021, @molly has stolen from 27 wallets. Among these 27 accounts, 8 accounts have been hacked second time in a week.
Then next day, 17/04/2021 @molly2 has sent 138.362 SBD and 2029.81 steem to the robertl13.
Target Accounts:
- Following these tables, it is sure most of the target accounts are old accounts those who more than 1 year old.
- Last 12 days @molly2 hacked 273 wallets, where 251 accounts age is more than 1 year old. and all of them were created before Hardford.
- 80% of these accounts had been inactive for a long time.
- Among these 273 accounts, 163 have authorized one or more Dapps.
- The Bangladeshi accounts were hacked, all them looks like farming account/spamming account.
Suspicious Dapps:
- steemauto, busy.app, smartsteem, dlive.app ,bottracker.app, dtube, esteemapp, steempeak, drugwars.app, partiko-steemcon ntopaz-artisteem, @steem.app, dmania.app, dlike.app, streemian, fundition.app, minnowbooster, @utopian.app
All of those 163 accounts have authorized these Dapps. All of these Dapps are inactive for a long in the steem blockchain. All of these Dapps use to connect through a signer app name steemconnect.
- 79 accounts have given authorization to the steemauto.
- 26 accounts have given authorization to the busy.app.
- 13 accounts have given authorization to the steempeak.
It is clearly showed the majority of access has been given to these 3 Dapps.
There are two variants of steemauto service. One is steemauto.app which I have given authorization to. This Dapp leads to the link https://steemdb.online
Another, steemauto which leads you to this link https://steemauto.com/. Probably this domain is not working in steemit now. Most of the old inactivated accounts have given authorization to this link.
Old but never given the authority to any Dapps, still got hacked
Among these 251 old accounts, 105 accounts never give authorization. After steem-hardfork, Steem blockchain has just split and they have rivalry blockchain of steemit. If you didn't update your keys after hardfork anything can be possible.
Another, steemauto which leads you to this link https://steemauto.com/. Probably this domain is not working in steemit now. Most of the old inactivated accounts have given authorization to this link.
New Accounts and less than one years old, still got hacked
Among those 273 accounts, 22 accounts are newly created and all of these accounts age is less than 1 year.
Of these, 12 accounts have given authorization to 3 Dapps.
- 7 accounts were given authorization to steempeak.
- 4 accounts given authorization steemauto.app
- 1 account authorize dlike.app
Then why rest has been hack. Because Out of 22 , 10 accounts never given authorization to Dapps. So,
- These 10 accounts may click on any scam link and shared their keys in that link.
- Perhaps given the authorities to any browser extensions, apps, or spy sites. Which can crack the saved passwords.
- Maybe those accounts are running by the hacker.
Who is this @molly2
Just a few months ago an account named @socialbomber stole a lot of assets from a lot of people's wallets. I think @molly2, and @robertl13 also a part of their team.
I have investigated @robertl13 wallet. I found @robertl13 has two Binance wallet transactions. One is to the actifit.signup.
The two binance memos are 105421188 and another memo is 103834249. So I try to investigate more deeply. I found the second key has a relationship with this account @anthonyj. This is the profile of that account https://steemit.com/@anthonyj/posts
How many alternative account @molly2 have
I think all of these 13 accounts are related to @molly2 and @robertl13
@funnybaby | 188 days/2020 |
---|---|
@clockworkhuman | 51 month/2017 |
@noximus | 57 month/2016 |
@tigers67 | 52 month/2016 |
@kingo | 54 month/2016 |
@spy.sitarenios | 47 month/2017 |
@kyulri | 16 month/2019 |
@nunzio | 48 month/2017 |
@amynmajid | 47 month/2017 |
@cvs04 | 55 month/2016 |
@bemate | 54 month/2016 |
@hadar | 50 month/2017 |
@housam | 53 month/2017 |
@funnybaby didn't give any authorization to any dapp. @molly2 has stolen money from the wallet but this account didn't update the keys and was actively posting.
@clockworkhuman @noximus @tigers67 @kingo @spy.sitarenios @nunzio @amynmajid @cvs04 @bemate @hadar @housam
These 11 accounts has been born a long time ago. After the creation all of these never done anything. Not a single activity is seen. Then suddenly at the beginning of this month, all of these accounts given power down and send all the assets to the @molly2.
- @kyulri transfer the asset to @molly2 at 14:22 and was given power down at 14:57. What happened to the middle 30 minutes.
@socialbomber, @molly2 and @robertl13 all are same.
When I investing every hacked wallet, I found something interesting in the account @steve1122. https://steemitwallet.com/@steve1122/transfers
@steve1122 wallet had been robbed 4 months ago by @socialbomber.
In the screenshot, @steve1122 messaged @socialbomber
>"Someone illegaly took my 20 steem and sent it to this account was it the steem company."
3 days ago @steve1122 again robbed by @molly2.
But the astonishing part is in this screenshot, Please watch this screenshot closely and carefully.
See those yellow line,
After losing assets to @socialbomber, @steve1122 update his wallet keys but 3 days ago he's again robbed by @molly2. After updating the new keys @steve1122 never shows any activity in steemit. Then how did this wallet got hacked??
For safety purpose what you should do
- At first, revoked all the authorities to your account by going to this site tools provided by @steemchillers here
You can also follow this tutorial created by @girolamomarotta
You can also do it shortly by entering this link.
https://steemlogin.com/revoke/dpoll.xyz
https://steemlogin.com/revoke/utopian.app
https://steemlogin.com/revoke/steemreply.app
https://steemlogin.com/revoke/steemauto
https://steemlogin.com/revoke/partiko-steemcon
https://steemlogin.com/revoke/dtube.app
https://steemlogin.com/revoke/downvote-tool
https://steemlogin.com/revoke/dlive.app
https://steemlogin.com/revoke/buildteam
https://steemlogin.com/revoke/bottracker.app
https://steemlogin.com/revoke/steempeak.app
https://steemlogin.com/revoke/nextcolony
https://steemlogin.com/revoke/holybread.app
- Update your all keys.
- If you have liquid steem or sbd then move your asset to exchange sites or power-up.
One more suggestion, if you familiar with any of the victims then immediately inform them.
I found two accounts on social sites, I try to inform them. Maybe they are not also active on social sites.
Possible Solution to prevent These Hacker Attack.
- If possible then steemit should implement a two-factor authentication when transferring the fund and updating/changing any of the keys.
Regards,
@tarpan
They have also transferred steem from my account, @remlaps is right, I too have seen these accounts on both Steemit and Hive, the Steem community should have a solution about what we can do, I think the Steem owners The account should be closed immediately. And they should seize the property of their account which they have stolen from our account.
FWIW, I looked at a bunch of these accounts on both Steem and Hive, and one thing that caught my attention was that a bunch of the accounts seemed to be users of something called "beemengine". I assume it's a bidbot of some sort, but don't know anything about it. It appeared in many of the relevant wallets, though.
Yes, most of these accounts previously used bidbot. As far as I know, previously all the Dapps connect through a signer app name steemconnect. Here I showed the most commonly used Dapps between multiple accounts. But I found the majority of this account has given authority to multiple Dapp which are now mostly active on the hive.
Excellent work . I have not found any other article with such information as yours. You have done a tremendous job.
You have been upvoted by @rex-sumon A Country Representative, we are voting with the Steemit Community Curator @steemcurator07 account to support the newcomers coming into steemit.
Follow @steemitblog for the latest update. You can also check out this link which provides the name of the existing community according to specialized subject
There are also various contest is going on in steemit, You just have to enter in this link and then you will find all the contest link, I hope you will also get some interest,
For general information about what is happening on Steem follow @steemitblog.
Thanks for the guidance on how we can prevent our accounts from overtaking by third parties.