Author Topic: Account Hijacked  (Read 4707 times)

0 Members and 1 Guest are viewing this topic.

Offline postup5

  • Newbie
  • *
  • Posts: 4
    • View Profile
  • BitShares: postup5
Re: Account Hijacked
« Reply #15 on: March 22, 2019, 02:41:48 pm »
Exploit : to make use of meanly or unfairly for one's own advantage.

Offline pc

  • Hero Member
  • *****
  • Posts: 1521
    • View Profile
    • Bitcoin - Perspektive oder Risiko?
  • BitShares: cyrano
Re: Account Hijacked
« Reply #16 on: March 23, 2019, 08:01:35 am »
It is unacceptable that nothing has been said or done to protect others from this exploit. I won't be using bitshares anymore.

A *lot* has been said *and* done. But of course it's easier to blame the tools than to admit your own fault.

If someone walked up to you and said "Hello, my name is Mr. Policeman. Please give me your money and the keys to your house, I will protect them for you.", would you do it? (The sad truth is that even in the real world people fall for this. They don't stop using money though.)
Bitcoin - Perspektive oder Risiko? ISBN 978-3-8442-6568-2 http://bitcoin.quisquis.de

Offline postup5

  • Newbie
  • *
  • Posts: 4
    • View Profile
  • BitShares: postup5
Re: Account Hijacked
« Reply #17 on: March 23, 2019, 01:19:12 pm »
I'm getting the word out to others by sharing my experience so others can see. Please provide links to what has been said and done for the sake of information.

Offline iamredbar

Re: Account Hijacked
« Reply #18 on: March 23, 2019, 02:01:36 pm »
Exploit : to make use of meanly or unfairly for one's own advantage.

Just a differing in definition.

BitShares Testnet Witness

Offline pc

  • Hero Member
  • *****
  • Posts: 1521
    • View Profile
    • Bitcoin - Perspektive oder Risiko?
  • BitShares: cyrano
Re: Account Hijacked
« Reply #19 on: March 25, 2019, 01:47:21 pm »
Please provide links to what has been said and done for the sake of information.

There are several posts in this forum where it is discussed. This thread here is almost 4 weeks old, for example.
There are several articles on steem that talk about this, for example https://steemit.com/community/@erodedthoughts/bitshares-scam-proposed-permission-update
It was/is discussed in various telegram groups.
It was/is discussed on discord.

The UI has made approving proposals a 3-step-process, see post from Stefan above. Unfortunatly, people have been taught for years that whenever their computer pops up a box they MUST NOT READ IT and the MUST CLICK ON OK.
Bitcoin - Perspektive oder Risiko? ISBN 978-3-8442-6568-2 http://bitcoin.quisquis.de

Offline litepresence

Re: Account Hijacked
« Reply #20 on: March 28, 2019, 02:17:45 pm »
I am documenting this issue here:

https://github.com/bitshares/bsips/issues/154

BSIP: Proposals Scam Prevention #154

Offline vod

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Account Hijacked
« Reply #21 on: April 22, 2019, 03:13:05 am »
I also received a proposal from unknown source just recently and now McAfee warns that wallet.bitshares.org is risky - PUPs - this warning started on 4/18/19.   Any comments?

Online sschiessl

Re: Account Hijacked
« Reply #22 on: April 22, 2019, 08:32:07 am »
 I saw that too...  Did McAfee show any details as to why the warning?

Offline vod

  • Newbie
  • *
  • Posts: 4
    • View Profile
Re: Account Hijacked
« Reply #23 on: April 22, 2019, 05:43:01 pm »
McAfee's risk category - PUPs - Acronym for potentially unwanted program. PUP or PUPs is a term used to describe unwanted programs such as Trojans, spyware and adware, along with other malware which may compromise your privacy.
I would like to know if BitShares are doing something to resolve it.

Offline wdfh

  • Jr. Member
  • **
  • Posts: 26
    • View Profile
Re: Account Hijacked
« Reply #24 on: July 01, 2019, 05:26:47 am »
No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

It happened to me on Saturday... I have been using crypto since 2012 and have had a BTS account for many years. I was on OL and had just sent myself a small transfer to a phone wallet, but it was taking longer than usual. So, I checked back to my OL account and saw this new tab "proposal" with pending, I thought oh that's OL checking to make sure I want to send my funds, I even saw Openledger in the name, turns out it was openledger-delagate and a scammer. I checked back an hour later and my account balance was zero... I had been drained of 1.7 BTC converted to 300,000 BTS.

If anyone wants to take a look they can see my account name at kurtduncan

I have asked Openledger if they can refund in a goodwill gesture, but have not heard anything back.

This sort of thing should be switched off by default. I now have no crypto  :-[

Offline tsuratsura-3557

Re: Account Hijacked
« Reply #25 on: July 12, 2019, 03:04:13 am »
I am sorry to hear that you lost all cryptos.
Same with me too. Back then, total value was around $300,000.
Very disappointing.

All the best

Offline chigbolu

  • Newbie
  • *
  • Posts: 19
    • View Profile
  • BitShares: vnc-7
Re: Account Hijacked
« Reply #26 on: November 08, 2019, 07:35:12 am »
I am sorry to hear that you lost all cryptos.
Same with me too. Back then, total value was around $300,000. How did manage to cope after this loss?
Very disappointing.

All the best