Account Hijacked

[tsuratsura-3557]

Thanks for good information. I will look into them.

Regards,

This happened to me yesterday, Tuesday, March 7, 2019. I can still get into my account fortunately. The names that show up in my activity feed that various funds were sent to are as follows:
1. cryptobridge-upgrade
2. rz120
3. There was another name but so far it has been buried too far to find it.
They cancel all your orders and then go to work extracting funds. The first thing they bought was KRIPT. I found this article https://bitcoinexchangeguide.com/openledger-dex-domains-openledger-io-openledger-info-hijacked/. If you scroll down to the comments there is this link https://dex.openledger.io/access-issue-ol-reimbursement-program/ which has good information on what to do. I filled out a ticket and was immediately e-mailed: "We would like to tell you that we have received your request and a ticket has been created. We will check your message and You’ll hear from us a reply no later than in 72 hours." Here is more information if interested in this link https://steemit.com/bitshares/@kingscrown/watch-out-the-bitshares-scam-going-and-getting-more-sophisitacted.

[Digital Lucifer]

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

Accident of blind sign on a paper in a bank regarding your account and its balance ?

[postup5]

This happened to me yesterday, Tuesday, March 7, 2019. I can still get into my account fortunately. The names that show up in my activity feed that various funds were sent to are as follows:
1. cryptobridge-upgrade
2. rz120
3. There was another name but so far it has been buried too far to find it.
They cancel all your orders and then go to work extracting funds. The first thing they bought was KRIPT. I found this article https://bitcoinexchangeguide.com/openledger-dex-domains-openledger-io-openledger-info-hijacked/. If you scroll down to the comments there is this link https://dex.openledger.io/access-issue-ol-reimbursement-program/ which has good information on what to do. I filled out a ticket and was immediately e-mailed: "We would like to tell you that we have received your request and a ticket has been created. We will check your message and You’ll hear from us a reply no later than in 72 hours." Here is more information if interested in this link https://steemit.com/bitshares/@kingscrown/watch-out-the-bitshares-scam-going-and-getting-more-sophisitacted.

[tshen]

I think the UX could be improved. Maybe the proposal dialog should not just pop up. It could go to a specialized menu item that the user must intentionally go to that page and Accept after double confirmations.  In that page we could put some warning text clearly indicating that Accept could cause you to lose fund.

[armin]

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

[tsuratsura-3557]

Thank you all and if almost all Bitshare users know how to handle and do not approve this kind of malicious proposal, I am relieved.
My loss was tremendous but I learned a lot. I do hope that this kind of thing won't happen again in Bitshares.

Very best regards,

[armin]

remove the proposals from the UI, it's only causing trouble and the people who are using them currently should already know how to use the cli_wallet

[sschiessl]

Sorry to hear about that. The new version of the UI includes protection to not accidently approve a proposal (it was already a two step process before, now it is three!).

The proposal itself can't do any harm to your account, so you must have (accidently) clicked on approving it, which then gave the attacker full access to your account.

[tsuratsura-3557]

Also, I just noticed that GANT777 stole all my BTS ?

[tsuratsura-3557]

Thanks for the information.  I just wanted to inform that

last three line transaction including this

Transfer tsuratsura-3557 send to openledger 11.539348 OPEN.BTC

were done by me.

Regards,

[lin5464]

[tsuratsura-3557]

Dear Forum members,

I would like to report my account hijack that happened around Feb 7th.
As I did not check my account frequently, I just found out that my balance became almost 0 when I checked on Feb 15th.

I lost almost all cryptos that I owned and I would like to inform all Bitshares holders of this incident so that no more victims will be created.

I checked some google and found out that there was malicious Bitshares proposal around end of January in 2019.
I believe my account was hijacked by this malicious proposal and he/she stole all crypto.
I do not think I approved this proposal but I might have accidentally approved.

I have just attached cryptofresh https://cryptofresh.com/u/tsuratsura-3557 and this is the all I have.
I do hope Bitshares will prevent this kind of malicious proposal from attacking all members in the future.

Should you require anything further, please let me know.

Regards,

Toshi