today my daily trading account trans.bot was hacked and I lost about:
22.4 BTC
119.5 ETH
4.19M BTS
264k bitCNY
I paid heavily to my carelessness, I should not put so much assets on a daily trading account, but recently I was busy and forgot the necessity to use multi-sig account to keep big amount of assets, then the assets in trans.bot accumulated more and more before I was aware of that.
there was a debt position of more than 20M BTS there, fortunately the hacker haven't lower the collateral ration and stole other several millions BTS.
I use this account in my laptop, win10, and I also receive mails, chat in QQ, browse webs, watch videos in the same laptop.
I use this account both in light wallet and the web wallet
https://bitshares.org/wallet/#/.
sometimes I connect Internet via public wifi.
yes I do not have a good habits, hope my loss can warm more users.
however I still think that we need to do some update to the wallet for higher fund security, for example, YOYOW have done some change to key management, the owner key is not saved locally but other medias, and with owner key one can update the active key to a new one by one click, hope this can help to make the wallet more safe.
今天我的日常交易用账户trans.bot被黑了,损失大约如下:
22.4 BTC
119.5 ETH
4.19M BTS
264k bitCNY
我为自己的不谨慎付出了惨重代价,trans.bot是我日常交易用账户,本不该存放如此之多的资产,可因为最近比较忙,偷懒不用多签账户,不知不觉使得日常交易用账户里的资产越积越多。
账户里还有2000多万BTS的抵押债仓,也许我应该庆幸黑客还没有去调整抵押率再搞走几百万BTS...
使用windows系统,而且是在同时接受邮件,QQ聊天,浏览各种网站,看视频的笔记本上使用,还轻钱包和网页钱包https://bitshares.org/wallet/#/ 都有使用,还没少使用公共wifi。。。总之,首先应该责备的的确是我自己。
然而,我们的确还应该从软件上提高钱包的抗风险能力,比如, YOYOW钱包就做了很有意义的改动,主控私钥不存在本地电脑中,而是另外存储,可随时一键更新交易私钥。这些创新也很值得更新到BTS 钱包中去。