Account Hijacked

[chigbolu]

I am sorry to hear that you lost all cryptos.
Same with me too. Back then, total value was around $300,000. How did manage to cope after this loss?
Very disappointing.

All the best

[tsuratsura-3557]

I am sorry to hear that you lost all cryptos.
Same with me too. Back then, total value was around $300,000.
Very disappointing.

All the best

[wdfh]

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

It happened to me on Saturday... I have been using crypto since 2012 and have had a BTS account for many years. I was on OL and had just sent myself a small transfer to a phone wallet, but it was taking longer than usual. So, I checked back to my OL account and saw this new tab "proposal" with pending, I thought oh that's OL checking to make sure I want to send my funds, I even saw Openledger in the name, turns out it was openledger-delagate and a scammer. I checked back an hour later and my account balance was zero... I had been drained of 1.7 BTC converted to 300,000 BTS.

If anyone wants to take a look they can see my account name at kurtduncan

I have asked Openledger if they can refund in a goodwill gesture, but have not heard anything back.

This sort of thing should be switched off by default. I now have no crypto 

[vod]

McAfee's risk category - PUPs - Acronym for potentially unwanted program. PUP or PUPs is a term used to describe unwanted programs such as Trojans, spyware and adware, along with other malware which may compromise your privacy.
I would like to know if BitShares are doing something to resolve it.

[sschiessl]

 I saw that too...  Did McAfee show any details as to why the warning?

[vod]

I also received a proposal from unknown source just recently and now McAfee warns that wallet.bitshares.org is risky - PUPs - this warning started on 4/18/19.   Any comments?

[litepresence]

I am documenting this issue here:

https://github.com/bitshares/bsips/issues/154

BSIP: Proposals Scam Prevention #154

[pc]

Please provide links to what has been said and done for the sake of information.

There are several posts in this forum where it is discussed. This thread here is almost 4 weeks old, for example.
There are several articles on steem that talk about this, for example https://steemit.com/community/@erodedthoughts/bitshares-scam-proposed-permission-update
It was/is discussed in various telegram groups.
It was/is discussed on discord.

The UI has made approving proposals a 3-step-process, see post from Stefan above. Unfortunatly, people have been taught for years that whenever their computer pops up a box they MUST NOT READ IT and the MUST CLICK ON OK.

[iamredbar]

Exploit : to make use of meanly or unfairly for one's own advantage.

Just a differing in definition.

[postup5]

I'm getting the word out to others by sharing my experience so others can see. Please provide links to what has been said and done for the sake of information.

[pc]

It is unacceptable that nothing has been said or done to protect others from this exploit. I won't be using bitshares anymore.

A *lot* has been said *and* done. But of course it's easier to blame the tools than to admit your own fault.

If someone walked up to you and said "Hello, my name is Mr. Policeman. Please give me your money and the keys to your house, I will protect them for you.", would you do it? (The sad truth is that even in the real world people fall for this. They don't stop using money though.)

[postup5]

Exploit : to make use of meanly or unfairly for one's own advantage.

[iamredbar]

I did hear back after a few days regarding my ticket. Seems there is nothing they can do. Here is a link to my bitshares explorer account page:http://bts.ai/u/postup5
Looks like openledger-security has control and has all but drained it. It is unacceptable that nothing has been said or done to protect others from this exploit. I won't be using bitshares anymore.

This is not an exploit. You need to be aware of what you are agreeing to when approving a proposal.

[postup5]

I did hear back after a few days regarding my ticket. Seems there is nothing they can do. Here is a link to my bitshares explorer account page:http://bts.ai/u/postup5
Looks like openledger-security has control and has all but drained it. It is unacceptable that nothing has been said or done to protect others from this exploit. I won't be using bitshares anymore.

[Thul3]

I had the same proposal from openledger-something .I was thinking a bit if to accept or not because a day ealier i contacted openledger support about a manuel withdrawl but decided at the end since i can't see (at least i don't know where) what the proposal contains i won't accept it.

[tsuratsura-3557]

Thanks for good information. I will look into them.

Regards,

This happened to me yesterday, Tuesday, March 7, 2019. I can still get into my account fortunately. The names that show up in my activity feed that various funds were sent to are as follows:
1. cryptobridge-upgrade
2. rz120
3. There was another name but so far it has been buried too far to find it.
They cancel all your orders and then go to work extracting funds. The first thing they bought was KRIPT. I found this article https://bitcoinexchangeguide.com/openledger-dex-domains-openledger-io-openledger-info-hijacked/. If you scroll down to the comments there is this link https://dex.openledger.io/access-issue-ol-reimbursement-program/ which has good information on what to do. I filled out a ticket and was immediately e-mailed: "We would like to tell you that we have received your request and a ticket has been created. We will check your message and You’ll hear from us a reply no later than in 72 hours." Here is more information if interested in this link https://steemit.com/bitshares/@kingscrown/watch-out-the-bitshares-scam-going-and-getting-more-sophisitacted.

[Digital Lucifer]

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

Accident of blind sign on a paper in a bank regarding your account and its balance ?

[postup5]

This happened to me yesterday, Tuesday, March 7, 2019. I can still get into my account fortunately. The names that show up in my activity feed that various funds were sent to are as follows:
1. cryptobridge-upgrade
2. rz120
3. There was another name but so far it has been buried too far to find it.
They cancel all your orders and then go to work extracting funds. The first thing they bought was KRIPT. I found this article https://bitcoinexchangeguide.com/openledger-dex-domains-openledger-io-openledger-info-hijacked/. If you scroll down to the comments there is this link https://dex.openledger.io/access-issue-ol-reimbursement-program/ which has good information on what to do. I filled out a ticket and was immediately e-mailed: "We would like to tell you that we have received your request and a ticket has been created. We will check your message and You’ll hear from us a reply no later than in 72 hours." Here is more information if interested in this link https://steemit.com/bitshares/@kingscrown/watch-out-the-bitshares-scam-going-and-getting-more-sophisitacted.

[tshen]

I think the UX could be improved. Maybe the proposal dialog should not just pop up. It could go to a specialized menu item that the user must intentionally go to that page and Accept after double confirmations.  In that page we could put some warning text clearly indicating that Accept could cause you to lose fund.

[armin]

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

[tsuratsura-3557]

Thank you all and if almost all Bitshare users know how to handle and do not approve this kind of malicious proposal, I am relieved.
My loss was tremendous but I learned a lot. I do hope that this kind of thing won't happen again in Bitshares.

Very best regards,

[armin]

remove the proposals from the UI, it's only causing trouble and the people who are using them currently should already know how to use the cli_wallet

[sschiessl]

Sorry to hear about that. The new version of the UI includes protection to not accidently approve a proposal (it was already a two step process before, now it is three!).

The proposal itself can't do any harm to your account, so you must have (accidently) clicked on approving it, which then gave the attacker full access to your account.

[tsuratsura-3557]

Also, I just noticed that GANT777 stole all my BTS ?

[tsuratsura-3557]

Thanks for the information.  I just wanted to inform that

last three line transaction including this

Transfer tsuratsura-3557 send to openledger 11.539348 OPEN.BTC

were done by me.

Regards,

[lin5464]

[tsuratsura-3557]

Dear Forum members,

I would like to report my account hijack that happened around Feb 7th.
As I did not check my account frequently, I just found out that my balance became almost 0 when I checked on Feb 15th.

I lost almost all cryptos that I owned and I would like to inform all Bitshares holders of this incident so that no more victims will be created.

I checked some google and found out that there was malicious Bitshares proposal around end of January in 2019.
I believe my account was hijacked by this malicious proposal and he/she stole all crypto.
I do not think I approved this proposal but I might have accidentally approved.

I have just attached cryptofresh https://cryptofresh.com/u/tsuratsura-3557 and this is the all I have.
I do hope Bitshares will prevent this kind of malicious proposal from attacking all members in the future.

Should you require anything further, please let me know.

Regards,

Toshi