You are viewing a single comment's thread from:
RE: Lesson Learned: Further Investigation of Walictd Account Stolen Case
Wow! This is so sad!!
Okay, I have a questions, how often should a user change his keys?
PS: Great detective work! ☕
Wow! This is so sad!!
Okay, I have a questions, how often should a user change his keys?
PS: Great detective work! ☕
Perhaps it's not about changing your key but about how, where you save it and how easily you click on the wrong button, how many other tools are used where keys are asked (only posting keys can't do much harm). I have strong doubts change of key will avoid this unless the keys were stolen before the hard fork. That can be figured out.
If all those abandoned hacked accounts started before the hard fork...
If not the question is... how can an owner and master key be changed with only a posting key? Or is it in all those cases the active key? If that's the case what do these accounts have in common? Using the same keychain, an old fanbase, did they use another Steemit tool to post on Steemit, were these accounts active during the same period (active as in stealing keys).
Or are these two operations? 1. emptying wallets of abandoned accounts with the keys stolen during the hard fork and 2. keys stolen during... of more recent accounts.
Umh.. nothing surprises me anymore in life.
I've seen people doing strange and wonderful things.
We had a PI tell the viewers on some program the other morning about hijacking people that the best solution is never to have your banking applications on your mobile phone.
Best of all, I got an email from my banking institution the other day telling me that they will no longer support our business account if we don't have the banking application on our mobile phones for authentication. Hhhh??
The question remains: what should we do? Will we ever know? I doubt it.
Two phones...
One for banking and government stuff the other for the rest.
We are forced by banks and the government, the hea4th insurance and the doctor to use apps. All those apps preferably by using the pin code of your banking app! 😐
The government and the rest are the most and easiest sites to hijack.
Also good different bsnkaccounts
We just cannot beat technology. (•ิ‿•ิ)
None of these can be proven with solid avoidance so far because none of those stolen keys remember what they ever did in the past. The easiest way to know about it is by checking the authorization we have granted. You can use the tools in steemworld to check it and revoke unnecessary authorization in one go.
with this account is says nothing it's nearly imposdible to sign in no idea why..
If you log into some website, using any key, it is better to change the password for our good @patjewell, if you never login into a third-party application it is better to check it regularly to ensure safety (I will do it once in 3 months), I assumed that Android phone is less secure than PC or laptop especially who use Linux for their OS will have better security protection.
Thanks for the feedback friend.☕
In the end... there is always good and bad in everything.