Utopian was hacked. Possible breach of SteemConnect ⟾ My video about how to revoke all 3rd-party authorities with or without SteemConnect

in #utopian7 years ago (edited)

This is another my old post, where I described differences between SteemConnect v1 vs. v2:

Official info from Utopian about the hack:


Please consider voting for noisy.witness - Soon you can expect from us a proper announcement with all the details about our node, together with info about our upcoming project SmartVotes :) But actually people can vote for us even right now, since our node is up and running smoothly :)


▶️ DTube ▶️ IPFS
Sort:  

Hello! @utopian-io representative here. We apologize for the leak and are working on tracking down the hacker & fixing possible holes. I'd also like to confirm that your keys are completely safe, as well as the tokens have been finally shut down with the help of the Busy staff.

We want it to be clear that but we are not, in any way, associated to the hacker that used these tokens for malicious intents. Please join us on the discord channel if you want to know more about the issue.

The official announcement can be seen here. You can also ask me directly. Your safety is very important to us. Thank you for believing in us.

This things happen, and to be honest, it could be much worse. I am pretty sure, that Utopian will become even more robust in the future, because from now on, everyone in Utopian team, will be paranoid about security.

Steemit with budget of million dollars was hacked and lost few hundreds thousands $, Different projects on Ethereum with budget of hundreds of milions were hacked as well - millions was stolen.

You with the budget of... (dunno... not big)... you have been just hacked, and you didn't lose a dime of money from your users. Yes... you have lost some data, but it could be much worse.

Keep doing awesome job, guys! :)

Good thing you're quick to make action about it. There's no perfect system as what they say but I hope it won't happen again if it's real that it got hacked. I don't think it's good to the cryptoworld in general.

good information.love to read it....It helpful for me. I have some steem loan. I really need it. God bless you

so do I need to reset any passwords or revoke any authorizations or no?

No, the situation was handled in just under 2 hours and since then, no tokens or passwords are endangered. Even if your token was leaked back then, it's no longer valid.

cool, thanks!

Thanks for bringing this to our attention. The crazy thing is I tried to connect to Utopian for the first time just the other night to show a friend but it wouldn't let me connect. I thought it was odd because Busy was letting me connect and all that.

I checked that guys post and my vote wasn't casted over there so I guess he didn't get my posting key.

I flagged his post though.

If anyone wants to check if their vote was casted here is the link and then try to find your name in the votes by searching.

https://steemd.com/photography/@zulkifli123/flower-beautiful-3513d9afa3893

No ok czyli to tylko Utopian czy cały SteemConnect? Bo ja np nie wchodziłem na utopiana

Obecnie dostępne informacje mówią o tym, że jednak tylko Utopian, a czkolwiek rozgorzała się dość spora dyskusja nad tym, że SteemConnect, też nie jest najbezpieczniej zaprojektowany

Hej @carrioner, reprezentuję Utopian.

Ten konkretny leak jest związany tylko i wyłącznie z Utopian. SteemConnect faktycznie, zdaniem wielu, nie jest świetnie zaprojektowany, ale jeśli aplikacje używają go najbezpieczniej jak się da, to nie powinny nigdy zleakować tych tokenów.

The title sounds very alarming. I hope it won't happen again because if it does, then we might not see steemit in the future.

Hi @noisy, thanks for the post.
Does this explain all the unauthorized votes being taken from my account ?

I think, it would be better to ask this guys from Utopian or/and SteemConnect

Hello @kiwisteem! Utopian representative here.

I checked your vote history and did not find any upvotes related to this leak. If you're experiencing unauthorized votes please change your keys immediately.

Hey @jestemkioskiem thanks for that

Good practice to do the disconnect. Can't believe they had a leak!

wow even you also donate your steem doller to the poor people.nice thats great.i saw your image.thank you very much for donating to the poor people

Loading...

Hi @noisy is safe to use steemconnect to send sbd or steem to blocktrades?

According to informatino provided by SteemConnect team - yes. However, I would recommend using Vessel:

https://steemit.com/vessel/@jesta/vessel-026-server-selection-disconnected-status-message

And make sure, you are not using your master password all the time, more info here:

I'm a little worried that the geekiest project on the steem blockchain experienced the leak. I hope they find the hacker quickly and hand out some retribution.

Coin Marketplace

STEEM 0.23
TRX 0.25
JST 0.038
BTC 95317.76
ETH 3302.38
USDT 1.00
SBD 3.31