Important Security Announcement: Steemit CEO Ned Scott

7 months ago
68 in steemit

Steemit was today subjected to a cyber attack. In the attack, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.

The hack has now been contained. User accounts and wallets are not at risk, and we hope to soon reactivate the Steemit website to normal order. Any users whose accounts were compromised will be completely reimbursed.

Though only a relatively small amount of Steem was stolen, we take any form of criminal activity against our community extremely seriously. We have reported the hack to police and other cyber crime authorities, including the FBI. A full, internal investigation is currently being conducted and we are working on an immediate solution.

Partner exchange Bittrex was informed of the compromise and is actively helping the investigation. As a precaution, they have temporarily suspended the ability to deposit or withdrawal Steem and Steem Dollars from their exchange. The suspension will be lifted as soon as possible.

Thank you all for joining us on Steemit. We apologize for the temporary disruption of services and look forward to resuming operation of our social network.

Regular updates will be provided here on Steemit.com

-Ned

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, earn $3.50 of STEEM Power
when you Sign Up and vote for it.
Sort Order:  trending
63
  ·  7 months ago

This article should mention that the Steem protocol (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. This hack is a website hack where a hacker stole funds and account credentials, and not a hack on the coin itself, at least according to the best information available when this article was written.

·
62
  ·  7 months ago

The Steem protocol (the "coin") was not hacked this time . I own steem coins and would like to move them off line to a wallet to store safely but alas I cannot find a wallet if someone knows where , I would appreciate a link .Thanks in advance

·
·
50
  ·  7 months ago

Have you looked at Bitshares Openledger? They let you buy and sell OPEN.STEEM that you can then turn into anything of your choice via a service called Blocktrades. You own your own wallet in form of a "brainkey". The Openledger network run on a MIT designed blockchain dubbed Bitshares and is backed by BTS (underlying currency is Bitshares) i am coindup-hasho on OL
use my referral link https://bitshares.openledger.info?r=coindup-hasho

·
·
54
  ·  7 months ago

My recomendation would be to join Github but this is what I found https://www.offgamers.com/buy/steamwalletcard.html

·
·
·
32
  ·  7 months ago

I'm glad to see that too. Platform should develop no matter what happens.

·
·
64
  ·  7 months ago

Which also means that a hard fork can't fix it.

·
71
  ·  7 months ago

Do people with big holding should consider changing their owner's/active keys?

·
·
61
  ·  7 months ago

My guess would be whatever key you login with may be compromised, but I have no clue as to the hack details.

·
44
  ·  7 months ago

The lesson (re)learned is to use a secure password that is difficult to guess. Also, I am hopeful that two factor authentication makes its way here soon.

67
  ·  7 months ago

Do you know how the attacker got in? I assume they altered the javascript to exfil private keys, yes? How do you know how many accounts were compromised? It might be wise to cycle everyone's keys at this point. I'll definitely be updating my posting key.

·
57
  ·  7 months ago

Yea, I was thinking something along these lines as well. XSS to grab a js token. I haven't looked into the site code, but I seriously hope they're not using js tokens and are instead using http only cookies.

·
28
  ·  7 months ago

At least is now been compromised, and from this experience Steem will up lift there security. Lesson learn.

57
  ·  7 months ago

Now that steemit is in everyone's crosshair, #3 on the top cryptocurrency list, we need to take development and security uber seriously. We should have 2factor or phone based ( coinbase does this) security features. Thanks for your updates.

·
50
  ·  7 months ago

and a account page so we can link our email and be able to change our passwords and forget my password to the site

·
·
63
  ·  7 months ago

that does nothing for site security, and actually puts individual users at a higher risk as now their email is now an attack vector

·
43
  ·  7 months ago

I could not agree more. Now that the solution has scaled and already has a dedicated consumer base of thousands of users, it will immediately attract unscrupulous eyes and unwanted attention as hackers will be interested in extracting some illegal value for themselves. Any cryptocurrency with a Top 5 market cap needs to be especially careful, not just from an authentication standpoint (some users have suggested implementing a two-factor authentication module for Steemit, which would help but that is only the beginning), but also from a regular site audit standpoint; these cryptocurrencies need to invest in the proper business continuity planning and disaster recovery management solutions, as well as ensuring that they have access to cyber security and digital threat forensic experts to help 'stress test' the system. This is only the beginning and there will be more and more attempts going-forward.

One last point worth mentioning, the actual Steem cryptocurrency was not impacted or attacked in this particular incident, it was only the Steemit.com website and that has since been corrected by Ned and his team.

Long live Steemit!

·
54
  ·  7 months ago

I dont think 2 factor auth would have helped in this scenario. It seems like the server hosting Steemit.com was compromised.

·
·
55
  ·  7 months ago

Unlike other crypto, Steemit's cryptomoney is mostly custodial. Since Steem Power is locked up for 2 years, that may greatly slow down a hack but like the DAO has shown, a slow mo train wreck is still messy. This platform is way too cool to go down in flames. We really need world class security going forward.

Don't forget, the Shapeshift theft was by an insider. Yuge lessons to be learned there too.

·
55
  ·  7 months ago

2 factor definitely. This was a wake-up call to get serious. You can spend a lifetime creating a good reputation and loose it all in 5 minutes.

And if anyone on Steemit is re-using passwords... please stop doing that. I bit the bullet a while back and started using KeePass (open source) password manager. I have mega strong passwords on my Steemit keys and everything else important these days, and so should you.

Remember, your Steem Power and bitcoins just may be your retirement fund.... protect them!

57
  ·  7 months ago

Great job @ned and the rest of the team. Good action taken, looking forward to the future!

66
  ·  7 months ago
60
  ·  7 months ago

How did they hack those accounts? Key-logging so they knew people's passwords? Or did they harvest stuff from reddit, and the users who were compromised used the same passwords as their reddit? And will the people concerned be able to change their passwords?

72
  ·  7 months ago

my respect for being honest and clever about this - I´ve informed the millionerds of https://stakepool.com about it - they are happy as well.

We believe in you guys, keep on keeping on!

·
70
  ·  7 months ago

millionerds

33
  ·  7 months ago

Maybe the Steemit website needs 2FA? I was wondering why it wasn't an option for my profile?

·
69
  ·  7 months ago

I mentioned in the Slack channel a week ago or so that I was concerned that we are starting to pile up funds and we could become a target like the DAO, I suggested 2FA and limited login attempt security, I haven't tried but I don't think you get a time lock if you enter the wrong password too many times. Also articles that provoke other media platforms are dangerous and makes us a target while we are still in incubation.

The coin price remained stable luckily and most of the damage contained..

Regards,

Ricardo Goncalves (BNC Steemit Community Manager)
sig_bravenewcoin_sml

·
·
59
  ·  7 months ago

Correct me if I'm wrong, but 2FA does not protect against cross site scripting attacks, does it?

·
·
·
69
  ·  7 months ago

Hi @Scrawl I'm not a dev so can't answer that. Thanks for bringing that to our attention though. Most exchanges use it, so in my mind it has some security benefits.

·
·
·
43
  ·  7 months ago

I totally agree 2FA should be implemented!

·
·
70
  ·  7 months ago

There are many ways to log in which are more secure. 2FA probably wouldn't have any significant impact on security. Multisig already exists and you can separate your owner key password from your poster key.

So I suppose you can improve on this technology by allowing a third party to hold a backup key in case something bad happens or something similar to this.

·
·
·
69
  ·  7 months ago

How about limited login attempts to prevent brute force attacks? Someone could possibly hack the main owner password if not set securely enough by the user? What do you think?

·
·
37
  ·  7 months ago

I am new here, but excited about the project. Is there a guide somewhere that explains the best way to secure one's Steemit balances, especially if they grow somewhat large? Or is it just a matter of using strong passwords? Where are my private keys being stored when I sign up? Any other security tips would be greatly appreciated. Thanks!

·
·
·
55
  ·  7 months ago

I'm probably not much further than you are in this new platform, but you can find your keys in wallet/permissions. I changed the passwords that access my keys this morning. I use a password manager (KeePass) and the are strong passwords, but easily accessible to me on any of my gadgets.

I'd like to know the difference between 'active key' and 'owner key'. Anybody?

·
·
25
  ·  7 months ago

I consider measures like these a must, I develop a number of crypto services that hold users funds, security, even the basic stuff, cant be taken lightly. My general guidelines tend to be, dont inform password/username is incorrect, simply state invalid credentials. lock the account for 5 minutes after 5 invalid login attempts, dont notify on the login screen that this has taken place, notify the account owner via email. Enforce strong passwords. I tend to be making 2fa mandatory now also.

Or completely overhaul the login system all together, I demo'd a proof of concept user registration/authentication system using Jumbucks addresses and cryptographic signatures, all wallets have this functionality. user provides a username and address on sign up, nothing else is required (email optional if they want notifications), user verifies ownership of said address by signing a random token using their wallet. to log in, user enters username, a random token is then presented, they sign token using the address they provided on registration, and boom their in.

·
51
  ·  7 months ago

I was wondering why this wasn't an option also.

57
  ·  7 months ago

You're not legit until someone tries to hack you these days :)

You guys are kicking ass! Keep doing what you're doing, and keep building a fantastic community.

Transparency in this type of situation is more than we can say about the US government these days :)

Cheers!

·
56
  ·  7 months ago

hahaha so true :D

·
·
·
29
  ·  7 months ago

Nope, you just lost the money forever.

·
·
·
34
  ·  7 months ago

Lol at this guy.

·
55
  ·  7 months ago

I can imagine the DAO hacker saying "oh boy, just nabbed a boat load of Steem Power... in 2 years, I'm gonna have some real fun!".

68
  ·  7 months ago

See this here is the kind of transparency not normally seen in crypto. Bravo you all. Bravo.

43
  ·  7 months ago

Wow. So Cool. Posting from CLI. LOL..

68
  ·  7 months ago

Thank you for your quick actions. My immense confidence in you and your team has only increased as a result of your handling of this situation.

62
  ·  7 months ago

This post and the way the Steemit team, handled the incident are admirable. With the current userbase numbering 26,000++, we should all realize that Steemit is comparable to the featal stage of human growth. Weakness and attack vectors are important to be identified and rectified. it is much, much better to discover these ASAP, instead of having them in the future when Steemit userbase has beaten FB's 2,000,000,000++ registered users, which by then this kind of attacks would already be gigantic, if not devastating things to resolve.

So I would like to congratulate @ned, @dan and the whole team instead, for having handled the situation with a lot of grace and by doing so, might have mitigated future bigger attacks.

Here looking up on you guys. -east

66
  ·  7 months ago

Thank you for the great communication. Finally back on, I was having withdrawals and I've only been here a couple days.

71
  ·  7 months ago

Thank you very much for confirming this and for your openness. Your ability to reimburse if needed also says a lot about your team. Respect!

64
  ·  7 months ago

Glad to see the site back up and running! It's quite commendable that you are reimbursing anyone who lost $ during this hack. It should inspire some confidence in people to stick with the platform for the long haul. If another layer of security could be added, it would be great! Cheers!

65
  ·  7 months ago

Why was the Politics topic link removed during the hack? I find it funny that my article regarding Decentralized Globalization was starting to trend just as this happened.

Here it is: https://steemit.com/politics/@senseiteekay/globalization-through-decentralization-fixing-the-world

·
33
  ·  7 months ago

I'll give you an upvote for being slick lol

·
·
65
  ·  7 months ago

Seriously, this happened. And as of 6 minutes ago someone's gone and posted the exact same content.

https://steemit.com/steemit/@senseiteekay/something-fishy-is-going-on

·
·
65
  ·  7 months ago

This article is trying to coin my idea straight after the hack has been patched: https://steemit.com/anarchism/@keithsmih/we-don-t-need-taxes-where-we-are-going

This is some bullshit.

·
·
·
66
  ·  7 months ago

You are implying that the hack was somehow to stop your articles from getting traction?

·
·
·
·
65
  ·  7 months ago

Not specifically but I am implying that's what happened. The critical theory I posted is articulately laid out and dangerous to those in the high tower.

3
  ·  7 months ago

Wow this is extremely disheartening, but at the same time it is given me more confidence in Steem. Why would you ask? Well it is simple, the hack was not directed at the actual coin, but rather individuals. These individuals probably had some security flaws already.

Anyways, I am here to stay!

56
  ·  7 months ago

Guys, I'm not sure what kind of cyber attack it was but I think Steemit community has a lot of motivated engineers and security experts that could have potentially eliminated the problem BEFORE it really occurred.

Any plans to open the source code of Steemit website?

·
50
  ·  7 months ago

yeah whats up with that

58
  ·  7 months ago

@ned we're all here and waiting for more information from you, we hope the news is good for the future steemit, cheers

67
  ·  7 months ago

Wow. How much sleep did you guys had in the last 24h?!

43
  ·  7 months ago

Hope it's true
And in general, I propose to establish a fund. To combat by such attacks and payment improvements. We must not let history as a dao

51
  ·  7 months ago

Thank you for your hard work , we are here for you!!!

42
  ·  7 months ago

I take things like this extremely seriously. (But, then, I take everything extremely seriously.)

I have a fair few tools for hardening websites against intrusion and have previously developed software for secure sites. Unfortunately, Javascript was not an area I focused on. However, anything I have should be considered at your disposal.

47
  ·  7 months ago

Wow. Thanks for the teamwork Bittrex!

33
  ·  7 months ago

Great that you were able to contain it so quickly! Steem Power!

71
  ·  7 months ago

Success is always targeted, keep up the good work!

33
  ·  7 months ago

Sadly this is starting to get to frequent in this "blockchain thing". Like in The DAO, another hack happened. Thanks for the info, and hope you can find the guilty, and recover in a smooth way from it. This project seams promissing, and the idea of it is purely awesome.

44
  ·  7 months ago

Thank you for being honest about this. So many other coins and exchanges try to hide it from us.

52
  ·  7 months ago

Great to see this being handled openly and professionally. Thanks for the update, cheers!

59
  ·  7 months ago

Looks like you've handled things well, that is a very small amount stolen.

Would be interesting to know how they got in, was it a cross site scripting vulnerability?

This hack is a good example of why we need more clients for Steem, preferably open source. Steemit.com being the only usable portal into Steem is hampering the decentralization aspect. Is there someone working on alternative clients?

·
34
  ·  7 months ago

Let's hope... As awesome as steemit is, there needs to be more decentralized platforms to utilize.

57
  ·  7 months ago

Hopefully events like this do not happen anymore, because everyone has a comfortable start with steemit.

62
  ·  7 months ago

Pssh, it's cool we got this brah. Easy steemy.

The Simpsons - Season 20, Episode 18

59
  ·  7 months ago

Thanks. How should we change our password. On the permissions tab I see 4 distinct keys. Thanks !

61
  ·  7 months ago

Thank you for the update!! Good to have you back!!

36
  ·  7 months ago

Thank You very much for letting us know and giving us information!
It's a pity that new innovative and growing startups are attacked by the dark forces of the net! But thats life. You'll have to expect this and be prepared!
I hope You'll find and solve the problems soon and are able to make steemit a better and safer place as a result!

50
  ·  7 months ago

how can we tell if our account was compromised and if they got into it i just checked mine and nothing is missing at all

70
  ·  7 months ago

Very important to distinguish the fact that Steem itself (the blockchain technology) has not been hacked. The website on the other hand is vulnerable and perhaps more effort should have gone into checking it but then no one expected Steem to rise at the rate it's rising so maybe there wasn't enough time.

Good job containing the attack and resolving the issue.

46
  ·  7 months ago

steam has gone up too fast on the podium of the criptomonedas and should work more on security. it seems incredible that after what happened with The DAO not appropriate action is taken.

32
  ·  7 months ago

I hope everything will be fine and you will cope with all the obstacles that stand in front of you.

51
  ·  7 months ago

That's when you know you're doing something right... the moment someone tries to tear it down ;]
Keep up the excellent work, this will only help fortify the community & platform. Thanks for the 'security check' douche-bags... whoever you are.

58
  ·  7 months ago

I like to see that you guys were quick to stop this attack I was impressed keep up the good work Steemit team.

42
  ·  7 months ago

Thanks for the explanation, excellent work

58
  ·  7 months ago

Kudos to the team for containing this quickly and being so transparent with it - congrats for that and thank you! Everybody should change password just to be on the safe side.

54
  ·  7 months ago

Wow that was really unexpected to me...never thought that someone wuold hack website like this.

42
  ·  6 months ago

Hi There,

Please how can I contact any members of the SteemIt developers team?

I have written to the contact email address in the help doc twice , but nobody replies. I'd like to offer the team a service that I believe will bring value to the project and enlarge the community base.

I can be contacted at: mvillamilb@gmail.com

Many thanks.

54
  ·  7 months ago

Great response from a real person in charge. I applaud you and your team for informing the community so quickly.

3
  ·  7 months ago

Another power outage! Dammit.

38
  ·  7 months ago

Great job on containing the attack. When good is happening there will always be the bad that is going to come after it. Lets get back to steeming and grow.

42
  ·  7 months ago

Im glad its only a small attack ned and the team are the best at what they do we will have to treat this somthing like a drill and come out the other side stronger and more robust as community

55
  ·  7 months ago

As much as it can't have been fun to deal with, this is a textbook example of how to communicate with users about a compromise. Explain clearly and consisely what happened, how it affects users, how it was resolved, and what you're doing to ensure it doesn't happen again.

Account hacks are never a good thing, but I actually feel quite adequately reassured that both this platform, and the steem currency are in good hands here. Great job, admins!

53
  ·  7 months ago

Website is still glitchy.

·
25
  ·  7 months ago

сайт этио фигня.главное что блоечен йработает без проблем. азначит скоро на луну полетим

40
  ·  7 months ago

Vote for Pedro!

38
  ·  7 months ago

Its a funny world when due to the mass theft in recent times, $85k is a good result.

21
  ·  7 months ago

join to telegram.me/steemit_en for discussions

70
  ·  7 months ago

Thanks for handling this smoothly, I'm impressed :) Hopefully the FBI gives a shit, especially now that we at least know which domain was being used to exfiltrate data (steemitDOTuk). I recommend everyone focus on improving their own browser security, install plugins like uBlock and uMatrix to prevent XSS attacks like this..

43
  ·  7 months ago

Good job!

45
  ·  7 months ago

85,000 dollars isn't to bad compared to what has happened to other crypto-currencies.

25
  ·  7 months ago

When i goto submit story, it wont let me post mine, the " Post " button is un-highlighted..
Andyone know a fix for this?
Please help me !

60
  ·  7 months ago

Nice to know the SteemTeam we're onto this so quickly, and it's been taken so seriously!

45
  ·  7 months ago

Any news on the reason for the second outage? Was it just the implementation of the Hard Fork? https://github.com/steemit/steem/blob/54337e4eae639aaf1150611923ea1e04693905e6/libraries/chain/hardfork.d/0_9.hf

64
  ·  7 months ago

I'm intrigued that the STEEM price hasn't been negatively affected by this yet. Maybe people are just used to cryptocurrencies getting attacked and stolen, and so they don't freak out about it quite as bad as they used to.

·
25
  ·  7 months ago

It hasn't been affected because all the exchanges have frozen trading

·
·
59
  ·  7 months ago

Trading is still active, just no deposits/withdrawals.

·
57
  ·  7 months ago

Are there short sale markets for Steem?

·
59
  ·  7 months ago

I think it makes sense for the price not be affected - this was an isolated attack on a few accounts with only a small amount stolen. The Steem protocol itself was never compromised. The faith in Steemit is still there as the team responded very quickly and contained the attack.

Even if the hacker got his stolen funds to Bittrex and was able to sell, $85,000 (128 btc) of sells would only drop the price by 2-4%.

The majority of all Steem is in Steem Power so it's secured against theft even in the event of a hack.

·
·
64
  ·  7 months ago

My point was about panic selling, not so much about dumped stolen coins.

7
  ·  7 months ago

I wrote it yesterday - https://steemit.com/die/@boyarov/steemit-will-die
and nobody trust me...

43
  ·  7 months ago

Ned, thank you for 1) disclosing the nature of the issue, 2) promptly communicating and providing regular updates, 3) disclosing your defense strategy and reiterating that Steemit will maintain a zero-tolerance policy for criminal activity on a decentralization platform (this is absolutely critical for the future sustainability and growth of the Steemit ecosystem, especially in light of the recent dark web and related crypto markets; brand equity needs to be cared for) and 4) for ensuring that a more secure system is in production within 24 hours and for immediately containing the threat while doing your best to minimize impact to thousands of other users; the fact that the hacker(s) could only access 260 accounts is indicative of a unique technology structure that you have all implemented in Steemit; bullet proof!

I wrote a blog post on how timely and professional the entire Steemit team have been with its first hack; https://steemit.com/steemit/@bismail/what-happens-now-with-steemit-keep-or-sell-steem-my-thoughts

39
  ·  7 months ago

i think your announcement dont make steem going stable
my advice fix the issue ASAP
i repeat ASAP

we dont wanna see DAO effect part 2

52
  ·  7 months ago

Thanks for your steem teem, i worried very much but quick decision & solution was reliable to us. ..bittrex too.

32
  ·  7 months ago

At least price bounced right back, seems these days, getting hacked is the way to go if you want price to go up up.

·
42
  ·  7 months ago

yes this is right

54
  ·  7 months ago

I hope Steemit Can be tightened, for the convenience of the public and provide steemit better comfort for the future ..

I am proud of the performance steemit quickly overcome this attack .. !!

@steemed @Ned

46
  ·  7 months ago

what?

25
  ·  7 months ago

nice job steem! protect us

43
  ·  7 months ago

Hey Ned, We really appreciate your quick response and transparency on what happened. Honesty is always the best policy and this speaks to the people behind Steem and why I am even more excited about then ever before!

27
  ·  7 months ago

Ок бро! будем стараться делать все правильно!

28
  ·  7 months ago

Transparency & Integrity

Ned, thanks for the info. Having only jumped on board in any real way with Steemit today (an intro post), one thing that strikes me by and large in the crypto industry is transparency, and the communal willingness to shape a pro-active and fair outcome. Everyone has an opinion, and many the willingness to express it, for me that is great stuff.
Many folks that I advise to start adopting crypto's point to hacks, and the loss by many of much. What they often fail to recognise is how badly the banking industry is constantly under attack. Very little if this makes the public ear, for obvious reason, loss of faith in an already damned industry.
While the powers that be point to having to control the masses, I point out how a consensus based community reaches a fair compromise. Ultimately, humanity will out and I for one appreciate that in a brave new world, a willingness to reveal weak links, will in the final analysis, grow a stronger chain. Kudos.

51
  ·  7 months ago

Hi,Ned!Can you tell all in video?

25
  ·  7 months ago

самое время закупиться. думаю спецом это сделали. курс падает для серьезных дядек -инвесторов так что ждем монетку по 1steem=10$ а дальше вангую движуху как у биткоина. Закупаемся!

47
  ·  7 months ago

I still want to put some $ to my wallet. FU hackers

·
51
  ·  7 months ago

encrypt the sh!t out of your keys ;) lol F 16, mine are like 30 digits long for the important ones

·
·
47
  ·  7 months ago

good idea

51
  ·  7 months ago

back up and running in 10 hours :D great job lol just a hick up when compared to the ETH/DOA fiasco.

Cheers to you guys

25
  ·  7 months ago

самое время для закупки .ура!

49
  ·  7 months ago

STEEM: The only website in history that made (as of this writing) $1,651 off of the announcement admitting they were hacked and accounts were compromised. #legit

·
33
  ·  7 months ago

Bahaha so funny

34
  ·  7 months ago

Great job @ned and the rest of the development team for the fast action on this attack! Really appreciate it!

10
  ·  7 months ago

i have 24 votes on a youtube video and got 0,02 dollar for it. is that right? i allso got a text with 19 votes and 0 dollar. :/

57
  ·  7 months ago

To all Steemit users:

If you have not done so already, please reset your account passwords. We ask this to ensure that everyone's account is secure. Remember that each account has 3 keys: an Owner Key, an Active Key, and a Posting Key. We recommend following best security practices by choosing unique passwords for each of these keys. This will allow you to safely use steemit.com with your Posting password.

As mentioned earlier, any Steem or Steem Dollars stolen from compromised accounts will be fully refunded by Steemit.

Thank you all for your patience and support through this process and for your wonderful contributions to Steemit.

41
  ·  7 months ago

I dont post every day, but when i do the fkers cyber attack the whole network.

61
  ·  7 months ago

Steem should hire a hacker to stop a hackers , to all whales steemers dont give up on steemit !

25
  ·  7 months ago

called the cops, called the Fire Department, called pizza hut, called the USN, called the Royal Navy, called the Red Army, called the FBI. called the CIA, called Interpol, called the KGB, called the USMC, called the USAF, called the Royal Air force, called MI 6, called Scotland Yard, called the US National Guard of every state, called NYPD, called Obama, called the Queen, called Putin, called David Cameron, called every Governor of every US State, used my time phone to call Winston Church hill, As well as Hitler, Stalin, Theodore Roosevelt, George Washington, Montezuma, ever Caesar, and Gilgamesh, called US Army, called British Army in every era, called every phone sexline, called papa john’s, called the US Coast Guard, called my State Senators, called my Senators, called every republican in the US, called Dr. Who, called the Pope, called my local Gang lords, called the State Patrol of ever state west of the Mississippi, called all of my local news channels, called Star Fleet, called The Sun, called The national enquirer, called CNN, called Scot Pelly, called Steven Colbert, called half of the Mexican Drug Cartels, called Nintendo, called the Japan Maritime Self-Defense Force, called the head of the Illuminati, called ever free mason, called bilderberg, called my neighbors, called the mayor of ever city in France, called my mom, called the Emperor of Man, and called every school district in Canada.

10
  ·  6 months ago

Is it ok to post steemit icon and promote .
yes or no

25
  ·  7 months ago

Thanks for the announcement.we feel more secured now

41
  ·  7 months ago

Great job @ned and the rest of the team. Good action taken to secure steemit.

64
  ·  7 months ago

Thanks so much @ned for fixing the problem so fast and for all updates on slack ! So , you reported to FBI . Do you really think this would help this platform . Just wondering .

25
  ·  7 months ago

It would be best if there is an aunthentication needed before accessing the account. Having a Two-way step verification is highly suggested.

·
56
  ·  7 months ago

I second this, I use it on every site that has the option to.

16
  ·  7 months ago

hot news

8
  ·  7 months ago

first website in the history, a company admits that accounts were hacked. I like it!

50
  ·  7 months ago

yeah but the reason steem was targeted in the first place is cuz there just like bitcoin and people are making money faster steem is ranked third in cryptocurrency but i think people get it already

65
  ·  7 months ago

Not sure why so many people are upvoting this...

·
48
  ·  7 months ago

maybe, because he/she have good reputation or the team steemit.
#CMIIW

57
  ·  7 months ago

This is something that was missing in our world. Great idea.

38
  ·  7 months ago

Why they have to this? while they can get steem by just sharing things with us.
They have knowledge of thing that we don't know that they can share with us here. They have ideas which can be useful to all of us.
The good thing they were not able to hack the steem system instead they just stole the funds and some of our account credentials in this site.
I would like to thank you Ned and your team to contain this attack big up

25
  ·  7 months ago

nice work dude...

46
  ·  7 months ago

36
  ·  7 months ago

I believe in your team, STEEM!

37
  ·  7 months ago

People!! see this...try this and tell me if heappens with you too!
https://steemit.com/money/@rcmdantas/how-to-double-your-deposit-value-in-steemit-com

32
  ·  7 months ago

They probably dump whole website database, can you force password reset? but you didn't find the hole at what i get, so even if you reset hacker will be able to compromise the accounts again?

53
  ·  7 months ago

Thanks for the transparency and quick response Steemit team!

66
  ·  7 months ago

in the future, in the full version , you need to provide a compensation system for users due to technical problems

57
  ·  7 months ago

Hello Ned, I invite you to support my charity event. This is not spam: https://steemit.com/steemit/@jennamarbles/a-new-stage-in-the-development-of-steem-now-we-can-do-more

49
  ·  7 months ago

great

41
  ·  7 months ago

If this happened to a common crypto the price would be crushing right now. STEEM is holding 0.0060 like a pro. The whole model is really robust... Nice work guys.

(The huge buy wall at over 0.006 might be helping as well :p )

·
25
  ·  7 months ago

It's holding its value because no one can trade STEEM at the moment.

·
·
76
  ·  7 months ago

not true, i just sold all my remaining 300 Steems

·
76
  ·  7 months ago

wait for it, once the people read about the hack, the price will fall within 48hours.