Malicious Attack on Steemit? Nijeah Attack

in #steemit · 6 years ago (edited)

Last night, the STEEM blockchain froze due to an attack that exploited a bug.


I call it Nijeah attack

So what happened? Apparently @nijeah attempted to withdraw -1,000,000,000,000 VESTS from the vesting balance... What is wrong with that number? It is negative! In fact, @nijeah attempted this multiple times.

Looks like @nijeah was a copy-and-paste scammer who was copying and pasting @haejin's blogs. That scam was shut down back in January. Take a look at @nijeah's blog history: all the blogs were flagged to zero for copy-and-paste plagiarism.

So @nijeah is back with a Nijeah attack

Since January, the @nijeah account was completely quiet until 7 days ago. The downtime was an inconvenience while a patch was pushed out to the witness nodes. I bet the witnesses are all red-eyed right now.

The bug that was exploited appears to have been a minor one, in the sense that it went unnoticed for so long and, when exploited, caused no issue with the currency supply.
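The failure the post describes is a withdrawal check that never asks whether the amount is negative. As an added illustration (not Steem's code; the account fields and the 13-period schedule are assumptions for this toy model), a C++ validator with the balance-only check beside the sign check that closes it:

```cpp
#include <cstdint>

// Toy model of a vesting account. Not Steem's data structures; the field
// names and the 13-period schedule are assumptions for this illustration.
struct Account {
    int64_t vesting_shares;         // VESTS currently held
    int64_t vesting_withdraw_rate;  // VESTS scheduled to leave per period
};

constexpr int64_t WITHDRAW_PERIODS = 13;  // assumed schedule length

// Weak validator: the only guard is "not more than the balance". A negative
// request satisfies amount <= balance trivially, so it is accepted and a
// negative withdraw rate is committed to account state.
bool weak_withdraw_vesting(Account& acct, int64_t amount) {
    if (amount > acct.vesting_shares) return false;
    acct.vesting_withdraw_rate = amount / WITHDRAW_PERIODS;
    return true;
}

// Hardened validator: reject negative requests before any state change.
// A rejected operation is the expected path for bad input; a committed
// state value with a sign nobody anticipated is what downstream code chokes on.
bool safe_withdraw_vesting(Account& acct, int64_t amount) {
    if (amount < 0) return false;              // negative withdrawal is meaningless
    if (amount > acct.vesting_shares) return false;
    acct.vesting_withdraw_rate = amount / WITHDRAW_PERIODS;
    return true;
}

// The request quoted in the post: -1,000,000,000,000 VESTS.
constexpr int64_t NEGATIVE_REQUEST = -1000000000000LL;

// True if the weak validator accepted the negative request and left a
// negative withdraw rate behind in account state.
bool weak_accepts_negative() {
    Account acct{1000, 0};
    return weak_withdraw_vesting(acct, NEGATIVE_REQUEST) && acct.vesting_withdraw_rate < 0;
}

// True if the hardened validator rejected the negative request without
// touching state, while still accepting an ordinary positive one.
bool safe_rejects_negative() {
    Account acct{1000, 0};
    bool rejected = !safe_withdraw_vesting(acct, NEGATIVE_REQUEST) && acct.vesting_withdraw_rate == 0;
    bool accepts_normal = safe_withdraw_vesting(acct, 650) && acct.vesting_withdraw_rate == 50;
    return rejected && accepts_normal;
}
```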

Let's take a closer look at @nijeah.
I noticed that this account is delegating its balance to someone. Who could that be?

I checked and the account that @nijeah is delegating to is @wewt

I don't know if @wewt is involved, but it is suspicious that @wewt is not paying for that delegation and @nijeah delegated everything over to @wewt when his account was being hit heavily for copy and paste plagiarism.

I hope you enjoyed reading my Blog. Please remember to Upvote, Resteem, and Follow. Thank you.

---------------------------------------

For a breakdown of how Steemit Rewards system works:

https://steemit.com/steemit/@socky/steemit-rewards-breakdown-a-simplified-explanation-with-illustrations

For a breakdown of Steemit Keys:

https://steemit.com/life/@socky/do-you-understand-your-steemit-key

For a breakdown of why Steem Power is Important:

https://steemit.com/steemit/@socky/why-is-steem-power-important-beginners-read


Good investigative work. Thanks, @socky!

Thanks, I think that some additional collaboration with Bittrex should take place to identify @nijeah. That is where @nijeah was transferring STEEM. I also think that there should be a massive Steemit account that generates new STEEM to fund a Hacker Bounty program which targets hackers. This would incentivise the community to trace the hackers to where they are working and bring them to justice. Binance has a program like this.

Bounty programs are effective...

That's not a bad idea! I wonder what @ned thinks of this.

@socky that attack also gave me a shock for a while.. hehehe but later after checking their tweet.. I felt normal.. hahah

I think everyone was a little nervous, but witnesses were making announcements on other social media outlets that they were working on it and that no account balances were at risk. I noticed that STEEM was still trading on the exchanges. That is because they trade a virtual supply while a central wallet has the STEEM in it. This allows them to continue as nothing happened. While the blockchain is frozen no one can move that associated currency in or out of an exchange, but trading continues.

Yes, and blocktrades processed an ETH transaction with something like three hours of processing time, a day before these bugs happened. It was not me but a friend of mine asking me if this kind of delay was normal. I haven't experienced that so far. The longest time for buying ETH with my SBD was around 15 minutes.

Thanks for these thoughts! How would withdrawing a negative amount of VESTS bring down the chain, other than just failing as a transaction?

I don't know the how. I can only guess because I don't have dev experience and I don't have access to blockchain node activities.

My guess is that the transaction would attempt to evaporate the source user's VESTS but the transaction would never complete? That could be why it took so long to discover.

If I were Steemit Inc, I would initiate an investigation into who @nijeah is and find any accomplices.

The whole thing could have been an effort to manipulate STEEM price to profit on the market or done out of revenge.

Interesting! Thank you for explaining!

Thanks for all the details.

Good work, @socky. You explain the problem clearly. What should we do now as part of the community? I hope the witnesses can find a good solution for this.

The problem is fixed with a patch (fix to the software). I would imagine that there would be some validation exercises used to test for any other flaws.

Excellent and important information, thanks @socky.
