Well... now that I sat down for some time, drank a whiskey (a good one) and had some help from some of my awesome friends here, I am capable of writing about what happened to me, today.
I write this, to make people aware.
I really believe that I am no idiot (at least most of the time). I keep my keys logged away, keep not too much of my cryptos in the exchanges and I regularly check the news about what happens and what goes on. I am far away of being a professional and there is a ton and more information that I have no clue about in the section of crypto trading. Still most of the time I think that I know what I am doing.
A friend of mine wanted to get some EOS and didn't know how to set it up. No ETH wallet and no clue. I advised him to use openledger.io and quickly logged in with my stick and password. Showing him how to do it. Of course without checking the news about Openledger.
@themarkymark wrote about the hack 5 days ago... but I was just too busy playing/trading Steemmonsters.
Not many news out there otherways:
https://www.financemagnates.com/cryptocurrency/news/openledger-dex-compromised-phishing-attack-account-activities-suspended/
https://bitsonline.com/openledger-domains-hijacked/
https://bitcoinexchangeguide.com/openledger-dex-domains-openledger-io-openledger-info-hijacked/
and apparently some tweets (I rarely use twitter).
When my friend was gone, to set up his account at home, I sat down before my computer, checking some updates, comments and discord messages I recieved during that time. When suddenly openledger started popping up messages...
Eos sold
Eos sold
Eos sold
I knew what this meant. I was hacked. I was robbed. AT THAT VERY MOMENT.
It's really amazing how quick you can get, while under duress. So I logged into bitshares, changed the key, set a new password and blocked the cheater out in blacklisting him. Then, while trying to find out, what to do next, I watched how the scammer emptied other accounts, what he apparently was doing for more than 6 hours straigt before.
Here is his account:
https://cryptofresh.com/u/allah-iraq/
In total this account got about 500 000 BTS from his robbery tour. Perhaps some of the good hackers out there are able to track him. He even send out money to @blocktrades for laundering.
In total I lost 220 EOS today, just by being sloppy.
DON'T be sloppy dealing with your keys!
Telling you that I am the victim is wrong, though.
I am not a victim, I am responsible. I did not check the news. Do it! Do it! Just DO IT!
I am not a victim, I am blessed. Today I was down like I was rarely before. So much good and so much bad happened in my life in such short time, that it was hard to bear. Today seemed to be the climax of that crazy ride of the last 2 weeks. I cry very rarely. Today I did. But there were friends around, lifting me up, listening to me, offering and providing help. I will not list these people... They know who they are. I thank you all for having been there, when I needed you, sometimes even without much knowing me!
THX! THX! THX!
This community is awesome!
PS: If anybody knows how to proceed, what there can be done, perhaps even how to track down this fucker...
Let me know in the comments.
EDIT and PPS: ... and of course I called my friend NOT to set up an account for the moment ;-)
I sent you 50 bts.
Wow, this is unexpected. THX a lot. The more I believe this community to be completely awesome.
I've also sent you a bit of SBD that I had in my savings. It's not a lot but every little helps. It will arrive in 3 days.
Das ist echt heftigst was die Kriminellen da rausziehen - klar jeder hat Verantwortung für sich selbst, aber man kann ja nicht alles lesen und wissen, dafür gibt es ja ne Community die zusammenstehen sollte. am Besten alle ernsthaften Warnungen zu Hacks / Scams etc teilen, man sieht wie wichtig es ist - immer noch bisserl geschockt @pollux.one - aber das wird alles wieder gut!
Es ist ja tatsächlich wieder gut. Ich hoffe nur, der ein oder andere ist nicht in die Falle getappt.
War schon schockierend, trotz ziemlich heftiger key-Sicherheit soviel soschnell verlieren zu können.
Vielen Dank für all die Hilfe und Unterstützung!
Lieber Pollux, das ist gelinde gesagt sehr ärgerlich. Wo ich heute hinhöre, ich höre nur unangenehme Nachrichten. Von einem Kollegen habe ich etwas gehört, glaube mir, der hat so einen drauf gekriegt, er würde SOFORT mit Dir tauschen...
Ich weiß, das kann Dich jetzt nicht wirklich beruhigen. Würde es mich an Deiner Stelle wahrscheinlich auch nicht...
Von mir bekommst Du als kleine Unterstützung auf jeden Fall 100% - auch wenn das nur ein mikroskopisch kleiner Tropfen auf den ultraheißen Stein ist!
Jo... nu aber genug aufgeregt, war sehr nett Dich gestern wieder mal getroffen zu haben. Das nächste Mal Grillen bei mir!
Ich fand's auch klasse, und es hat dazu beigetragen, die auch bei mir vorhandenen dunkleren Wolken auf der Seele zu vertreiben... ;-)
Die Zeit mit Dir ist immer schön!
What a damn shit really!
But we wont let you down and will help as much as we can to make up for this.
Kind regards
Jan
Nothing to add...
THX so much for all the support!
Now that's really fucked up! I admit that i would never thought about the SSL certificate and domain theft. Every time i see secure and correct address - that's it.
Sorry my full upvote isn't worth much, but you still got it :)
Thx a lot.
Same for me. I knew it was possible, but I really thought godaddy was really a fortress.
Speaking of... steemit is godaddy hosted as well.
Viele von uns vergessen leider, wie real die Gefahr eines Hacks ist... Auch ich gehe manchmal viel zu "leger" mit meinen Keys um, wenn ich so nachdenke - klar im Moment habe ich nicht viel zu verlieren, aber man sollte stets aufpassen.
Ich habe richtig Mitgefühl mit dir, 220 EOS ist (aus meiner Sicht) echt einiges an Geld und es ist krass, wie schnell das einfach weg sein kann!
Ich wünsche dir alles Gute und hoffe, dass du den Verlust bald wieder drin hast!
Vielen Dank für das Mitgefühl. Inzwischen bin ich einfach nur noch sprachlos und dankbar wegen der unglaublichen Unterstützung die ich seitens der Gemeinschaft hier erhalten habe. Ich wünsche keinem den ersten Teil meines Erlebnisses aber jedem den zweiten Teil.
Ich hoffe der Artikel konnte den ein oder anderen davor bewahren den selben Fehler zu machen.
Das ist auch ein riesig menge zu mir auch!!
I suggest to publish all accounts who were robbed today and call everybody to help restore funds. I am among those who was a victim too.
My account crypto-crat. You may see it as well.
this is actually a good Idea, even if most will just open a ticket, which will probably be ignored.
On the other hand OL has a lot of credibility to loose. This was a quite big robbery and it is still going on.
Was ein Scheixx, ich kann mitfühlen.
Ich habe letztes Jahr im Herbst erst mit Cryptos angefangen und bin viel zu unbefangen mit der Sicherheit umgegangen. Fad alles wahnsinnig faszinierend und war vor allem davon angetan, wie einfach das alles geht. Einfach ohne irgendeine Anmeldung auf Etherdelta handeln. Super Sache - ich habe schon das Ende der Börsen wie wir sie heute kennen unmittelbar bevorstehen gesehen. Habe dann ein bisschen rumgezockt und innerhalb von Tagen aus 0.1 ETH 8 ETH gemacht.
Weil es so gut lief habe ich dann bei einem ersten ICO mitgemacht.
Was dann passiert ist weiß ich bis heute nicht. Plötzlich war meine ganzen Ether weg. Ich habe auch noch gesehen, wo es hin ist, dann ist es auf shapeshift versickert.
Seitdem bin ich viel vorsichtiger geworden und mag Stetem, weil man zumindest nicht so schnell an mein Steem Power kommt. Trotzdem ist das eines der größten Probleme für die Massenanwendung - weil die Leute es eben nicht gewohnt sind, dass es keinen doppelten Boden gibt - und das jeder für sich selbst verantwortlich ist.
Ouch, I only just found out about this just now as well. I am off to check my account!
Just DON'T log in via Openledger.io
I log in through bitshares.openledger.info is that one safe do you know?
It wasn't earlier. Just be careful and use https://wallet.bitshares.org which has NOT been compromised.
This was posted yesterday.
here: https://dex.openledger.io/openledger-dex-access-issue-update/
Thanks for that, I have set up a new account on wallet.bitshares. Grr, pesky hackers
bitshares seems to be safe
Unfortuantely there will always be crime when money is involved.
It might not help you out too much - but I guess the most important thing is that nothing happened to you or your close ones in personal. Material loss can be tough as well of course, but at least it can be made up. And especially with the help of the amazing community here, I guess we will be able to help you here!!!
Genug kluges Gerede für heute - gute Nacht ;)
Das ist sehr richtig! DANKE!
Viel mehr kann ich nicht sagen. Hat jetzt nochmal 2 Tage gedauert, bis ich wieder ordentlich schreiben konnte...
hey, my full upovote for you and yes. cripto, hacks and lost are something real. thanks for sharing
thx, man.
Wowsers! That's bad luck, but welcome to the club 😊 ive not lost that much in one go,but have lost more than i could have ever dreamed of having to loose last winter, i resteemed this so others dont make the same
Seems everybody has to loose something at a certain point. Thx for the resteem. If this article prevents only one person of falling in the same trap, that would already be a real achievement!
Im happy if I have learnt from my mistakes with scams lol..
is so sad this post , every day have people stoled for too much trusth, I was a person so too trusth
Absolutely! We should be aware of the things happening.. Too much phishing attacks right...thanks for the enlightenment... And no worries...
As I wrote in the article... I am blessed and grateful. I learned and experienced more that day, than I could put into words...
That's really a sad news how what you've worked for gets stolen by some jerks who didn't stay up all night trying to get what they sold. Am really sorry bro, i pray no one experience this.
thx oghie
Thanks for sharing this post with us and wishing you an great day. Stay blessed
I hope it helped somebody out there.
I nearly also got catched in this trap, but I was suspisius because the site was really laggy and I ask in the dach discord and got the responce that it was hacked.
glad to hear you didn't fall into the trap. As my browser was slow for days, I didn't see any difference...
That is bad.
Last time I heard something similar here at Steemit was a a very good connection, a real human-being and genuine artists who I came across here at this platform. He lost almost everything in front of his eyes and the attack was so strong that he was unable to do anything and the hacker had full control of his laptop. All he could do was seeing the hacker robbing all his crypto money. He did a few posts at Steemit after this incident and then I've never seen him here again. I was sad about him and today, I'm sad about you after reading this post. I have no words to console you. May be, with the BTC price going up, you cover up your losses to some extent. I'm sorry my friend @pollux.one.
thx. Also sad to hear.
The only thing we can do is to learn from it and make it better the next time!
Agreed.
This is a big loss for you. Thank you for making us aware of these digital robbers. We should be alert.
thx. I really hope that I managed to prevent some people from falling into that trap!
Honestly Bitshares should suppport Ledger Nano S to be a real option
that would be awesome
PLease create a ticket and include all details of this episode soonest possible as we need as much as possible background information from each user account affected. Thanks
will do so, thx
Sorry to hear this dude and just brush it aside as a good lesson and you're more the wiser for it.
Chin-up soldier! ;-)
True, done ;-)
Sorry to hear about your loss mate. This is the thing that is stopping crypto from going mainstream. People need to be able to feel safe, crypto needs to be able to be used by my grandma with a extremely limited knowledge or least have some sort of backup net like with visa.
This may be true. Most people always chose security over freedom.
Personally I stick to crypto, even and escpecially after such an experience.
You got a 21.26% upvote from @postpromoter courtesy of @untergrund!
Want to promote your posts too? Check out the Steem Bot Tracker website for more info. If you would like to support the development of @postpromoter and the bot tracker please vote for @yabapmatt for witness!
Danke! @untergrund
Ich war und bin völlig sprachlos!
Sorry to hear that. Thanks for the heads up.
thx
Scary and depressing, sorry you had to go through that.
true, but I learned a lot.
crypto is a thing that should be dealt with extremely carefully :(
and even more than I anticipated
Wooow, sorry to hear that mentor. Is a sad this thing.
Everything is good. If only I have helped preventing others falling into that trap!
Damn bro... keep it up !
Will do so!
Dear All, I sympathize with those users who were affected by the recent hosting provider’s account breach. Though it wasn’t our fault that credentials of some OpenLedger DEX wallets were stolen, resulting in lost crypto assets, I couldn’t stay still. Starting from July 2, our trading platform will launch the Reimbursement Program for such users. Read more in the official announcement at https://dex.openledger.io/access-issue-ol-reimbursement-program. Yours sincerely Ronny Boesing, CEO, OpenLedger ApS.
Thanks for sharing your experience with us and sorry for your loss, Somehow I don't trust Openledger as decentralized exchange security measures I don't feel it safe enough to protect the account holder or even their policy or the back-end my only advice to stay away from that exchange they are even unable to protect their domain names ...!!
Very good of you to share this experience with others. Do not blame yourself, however, you were not alone in this attack on OpenLedger whose domain and SSL certificates were compromised and website taken over. BitShares network is safe and local wallet with bin file provides the ultimate peace of mind for larger amounts of tokens.
As far as I can tell, about a million dollars value have been extracted so far. Sure one day we will see the whole extent of this robbery. And I was lucky on several levels.
Ja, man kann nicht genug Vorsicht walten lassen.
Nur eine kleine Unachtsamkeit und schon ist es geschehen. Ich habe dies schon bei einigen Accounts erlebt, da mir mal ein Email Account gehackt wurde und dort einige Mails meiner damaligen Bitcoin Mining Pools drin hatte. Flugs hatten sich die Hacker auch einige davon unter den Nagel gerissen. Schon zwei drei Jahre her. Wenn ich darüber nachdenke was das für ein Wert war als der BTC seinen Höhepunkt von 20k $ hatte. Zwei drei Autos waren das schon.
Also, immer schön auspassen und vor allen Dingen, niemals Passwort mehrfach verwenden.
Yes, you can not exercise enough caution.
Just a little carelessness and it's done. I have already experienced this with some accounts, because I was once hacked an email account and there had some mail from my former Bitcoin Mining Pools in it. The hackers had also seized a few of them on their flight. Two years ago. When I think about what that value was when the BTC peaked at $ 20k. Two cars were that.
So, always look good and above all, never use password multiple times.
Scheint da muss jeder irgendwie durch. Denke nachdenken darf man darüber nur in eine Richtung:
"Was hat mir die Erfahrung erspart"
Ja, irgendwie wirklich jeder den ich kenne. Da hast du recht!
Damn @pollux.one this is some sad news, but you have a different spirit like Joshua and Caleb. You're deep in the flow stunner and i know that God will bring back what was taken from you in bucket loads. Shoutout for the heads up, but actually saw @themarkymark post earlier. It's painful though, because I was hacked of my mining earnings last year. The hacker even tormented me by withdrawing my BTC, BCH, LTC, DASH and DOGE day by day. Stay in the zone homez and expect a major avengement from the Father..
Thx for your words. Appreciate it.
Welcome to the club, i got got yesterday.
https://steemit.com/steemit/@freebornangel/be-careful-using-public-computers-for-your-btc-transactions
sad to hear. Hope you experienced support by those close to you, as I did.
I had a similar experience here on Steemit when I first started. I lost all my STEEM and SBD in just a few seconds and I was locked out of my account for several days. It is madden to know exactly which account sold my money and not being able to do anything about it. I learned a valuable lesson that day, same as you. DONT BE SLOPPY>
sad to hear!
Only thing possible is to learn for the future.
Informative and useful post.Thanks for sharing it
really sorry to hear about that.Yes sometimes we just get lazy in getting to look around and for that we get to pay the price.
While glad that you changed the pass while who knows you would have been emptied soon.
We sure should be very careful at all times and this is a tech world if we are not careful about our stuffs than anybody can take it from us with just a click !
Well... it was more than "a click"
actually it apparently was a very well prepared systematic hack on quite a large scale. Hoping someone will take the time to sum it up.
They do have their own ways I suppose.While thanks for sharing the facts will be careful in future .
well written and very informative! even do I'm still a plankton & new here on steemit - i upvoted your post just now in hope that other
will do the same & maybe you will get some of your money back with the help of the steemit community- i truly wish for that.
never loose hope bro & take care
thx
This is quite unfortunate. So sorry to the loss, i know you have already taken responsibility for being sloppy but people are just too mean. Thanks for sharing even in your depressed state. We need to be absolutely careful with our keys. Sorry again.
thx! Seems a lot of things have to happen to make us better.
True... We learn as we grow. Experience is the best teacher but it can be expensive too. That's why we need to learn for the experiences of other. Be strong my brother.
i am so sorry about your loss. nothing to say just don't blame yourself my friend . you are a good man. everything will be fine. you aware us , its helpful for us now to know that robbery. thanks for share
I think this kind of robberies will occur more often in near future. People should read the news and not be sloppy with their keys. If this article helped only one person not to loose his money, this really would be awesome!
Please create ticket here https://openledger.freshdesk.com with the link to your post
We are now checking all complaints from OpenLedger users
Thank you!
Will do so, thx!
dude, I am so sorry to hear this! That sucks. (and of course, fantastic that you have such a wonderful community to bear your loss with you!) Big love my friend x
I HAVE BEEN WAITING FOR YOU!
just joking. Thx for your words. I am blessed, just as I have written in the article.
Congratulations @pollux.one!
Your post was mentioned in the Steemit Hit Parade in the following category:
Thank you for telling us your story. It is The sad truth.. In nowadays. A great article:)
thx
It really sad to see lazy people do anything for the coins, thank God you got it back and also learning your lesson.
Well... these people have sure not been lazy. If I imagine they would have put this kind of effort in actually beeing productive, they probably would be rich in no time, too.
Also there is probably NO WAY to get it back. The robber has my money and the money of hundreds of others too. And he is still active. You can watch his account shifting around money all the time.
Really sorry about that
I always stop by here my friend, for your publications to learn from you and the way you do the post ... Thanks for such a good contribution, from #venezuela support your work my friend ... greetings <3
@pollux.one
thx!
sorry to hear that. I believe bitshares remained to be secure and the hack was just openledger ? please someone correct me if I wrong
this seems actually true.
I am a latecomer in this crypto business. This article just makes it more real to me that there is a lot a need to learn first so I can protect myself and my data. Thanks. Very informative read.
Glad, if I was able to help!
Welcome to the crypto business...