Pages:
Author

Topic: Nxt Coins stolen/ Hacked be warned (Read 4600 times)

sr. member
Activity: 336
Merit: 260
November 07, 2014, 05:03:51 AM
#78
There is no proof you're not lying.
legendary
Activity: 1372
Merit: 1000
November 07, 2014, 05:01:24 AM
#77
No compromised pass phrase provided = didn't happen. Spreading FUD is so common these days on this forum, but without proof it's not credible.

Thanks for taking the time to read why I don't want to post it and thanks. There is all the proof on this thread. But obviously your accusations are far more important to you than actually making an informed decision. Hypocrites are really amusing I must say.
hero member
Activity: 854
Merit: 1001
November 05, 2014, 09:26:08 AM
#76
I posted this at the end of September on www.nxtforum.org

Quote
I'm going to take the unpopular route here and point that NXT security is pretty good, NXT has no wallet.dat file to lose/corrupt/get stolen for one thing. All cryptos suffer thefts, that can't be completely avoided. There are not very many NXT thefts, but even one is too many.

@shin: you are mostly correct: we need to be sure that newbies to NXT can make a safe, secure account.
I think that on the dev side we do need to prioritise Account Control with 2FA, and on the marketing side to keep on pushing safe password  practices to people. Password security is almost always a contributing factor to crypto thefts, and so education about passwords will help everywhere, not just for NXT applications.


I have a feeling that there are at least 2 active thieves:
http://nxtreporting.com/?ac=NXT-WTCT-N6HZ-CCKY-4MLJF
is the guy/girl with donn2012 + 71586810(at)qq.com stolen funds:
https://bitcointalksearch.org/topic/robbed-more-than-100000-nxt-792600
https://nxtforum.org/general-discussion/help!-my-nxt-account-stolen-account-for-nxt-wczn-dgql-xm69-62l3n/
These 2 are obvious Rainbow Table attacks, as the passwords used were both direct quotes from literature.

and there is the gravitate thief:
https://nxtforum.org/general/have-i-been-hacked/
http://nxtreporting.com/?ac=NXT-URNF-7LNL-GDNW-EDRN6
and then on to the old BTER hot wallet:
http://nxtreporting.com/?ac=NXT-LSC3-VB9T-2W3V-BH7FB
I have a feeling this is not a Rainbow Table attack, but we'll see....
And I also have the feeling that there are more smaller thefts involved with both attacks.


I'm going to offer a bounty of 5000 NXT (from my own personal stash....ouch) to anyone who can help in the recovery process for the thefts above.
Talking to BTER sounds like a good first step......freeworm is the guy you need.

I would like to suggest that the 3 theft victims here (gravitate, donn2012, 71586810) take the lead in organising the chase....and they can qualify for the bounty for getting their own funds back. Grin

Since then there have been no new Nxt thefts, so we're left with 3 guys with a theft issue, 2 of which were definitely down to a weak password.
Without Gravitates old password, figuring out how his funds were stolen is more difficult, which is one of the reasons that I suggested that these 3 guys carry out further investigation themselves.  Did you guys contact freeworm/BTER ?
There are extra bounties available for tracking down the thief or thieves, if you need any more incentive.

sr. member
Activity: 336
Merit: 260
November 05, 2014, 05:58:56 AM
#75
No compromised pass phrase provided = didn't happen. Spreading FUD is so common these days on this forum, but without proof it's not credible.
hero member
Activity: 574
Merit: 500
November 05, 2014, 05:57:36 AM
#74
Now hacked through Nxt its a great shame.


You're doing it again.

Could you explain exactly how Nxt was hacked, which part of the algo is compromised that caused your hack? Please be specific.
legendary
Activity: 1372
Merit: 1000
November 05, 2014, 05:50:10 AM
#73
If Nxt is so big like 10000 usd should be able to crack a device to use.
legendary
Activity: 1372
Merit: 1000
November 05, 2014, 05:49:19 AM
#72
Well still no resolve. 2 Bitcoins could have been in my wallet. Now hacked through Nxt its a great shame. I suggest double auth like banks use or Trezor tech if you consider putting even a little bit of money into this.
member
Activity: 84
Merit: 10
★Bitin.io★ - Instant Exchange
October 07, 2014, 07:46:07 AM
#71
WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?

there are just so many similar threads around.
hero member
Activity: 854
Merit: 1001
October 06, 2014, 06:59:11 PM
#70
This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.

Thank you for your input coin trader. It is very good advice if you would give more elaboration. Lets hope that someone who is reading this is the organiser of the next bitcoin conference and they pencil you down to take the stage and tell us all about it.

Hold on a bit, guys, Gravitate is not the guy we should be whaling on here. I've followed his case, and taken a look at the blockchain evidence, and his funds were stolen, as far as I can see, so blame the bloody thief.

Heres the www.nxtforum.org thread on the current unresolved thefts:
Recent NXT thefts: blockchain info.

So far, almost every NXT theft has come back to a weak password choice, but Gravitates theft may not have been.
It'd be a lot easier to prove this if G. would release his password to us, but he has his reasons not to.
There are other possibilities left to investigate: keylogger/malware or 3rd party access to G.s PC. I'm leaning towards the malware theory.....

Gravitate has a right to be pissed off, and a legitimate reason to be starting this thread, he's not throwing FUD about, he's just genuinely unhappy about being robbed.
The NXT community is checking this out, but we're not making a massive amount of progress on finding the thieves.
If anyone else wants to take a look at the blockchain evidence and go on a thief hunt, there is a small (ish) bounty available, see the above link.    
newbie
Activity: 22
Merit: 0
October 06, 2014, 05:12:50 PM
#69
No I mean I followed recommendations about a secure pass phrase.... I thought nxt were ok as they were at every conference I was at I got sucked in. It is the security of the coins ' brain wallet'  that I question.

you went to brainwash centers, even bitcoin conferences warn about the dangers, nxt is a scam coin token, im tired of warning ppl about it.

You are an idiot sir.
hero member
Activity: 546
Merit: 500
PGP 9CB0902E
October 06, 2014, 03:52:46 PM
#68
WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?

quite old actually.
weeks in cryptoland, are well.. quite some time,
it happened like 200 ANN ago.

It just so happens that OP used "NXT" on the title, and we have seen a surge in threads attacking NXT the past week.

OP keep your pants up mate. whats with the caps?
legendary
Activity: 1372
Merit: 1000
October 06, 2014, 03:37:01 PM
#67
WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?
hero member
Activity: 546
Merit: 500
PGP 9CB0902E
October 06, 2014, 03:19:35 PM
#66
It is very good advice if you would give more elaboration.

"it doesn't make sense" =/= random

@cryptocarmen, it;s an old thread.
member
Activity: 84
Merit: 10
★Bitin.io★ - Instant Exchange
October 06, 2014, 03:15:54 PM
#65
NXT was hacked /stolen again or this is an old thread?
legendary
Activity: 1372
Merit: 1000
October 06, 2014, 02:40:15 PM
#64
This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.

Thank you for your input coin trader. It is very good advice if you would give more elaboration. Lets hope that someone who is reading this is the organiser of the next bitcoin conference and they pencil you down to take the stage and tell us all about it.
full member
Activity: 226
Merit: 100
October 06, 2014, 09:07:58 AM
#63
This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.
hero member
Activity: 574
Merit: 500
October 06, 2014, 08:28:48 AM
#62
... trust me.

This is what I have been trying to avoid all along  Cheesy Cheesy Cheesy I have re-raked enough old ground and nothing new has turned up, I'll leave it there.
legendary
Activity: 1372
Merit: 1000
October 06, 2014, 08:22:47 AM
#61
dude tim cum sim prawn gin yuk bim rarl per tip pop from

Its no easier or more complex than that. It doesn't make sense in chinese or english trust me.
hero member
Activity: 574
Merit: 500
October 06, 2014, 07:40:06 AM
#60
no it was actually in the post written by someone else noit me... I will find it tonight

Don't worry, I found it. Apologies for doubting you, you are in control of the account.


That still doesn't explain what happened and posting your passphrase would allow us to eliminate that possibility. If you refuse to do this, I don't think it is fair to say things like:

Quote
1000usd flushed down the toilet from no fault of my own
It is the security of the coins ' brain wallet'  that I question.
I got hacked after being scammed
If you want to call me a liar by not posting MY pass phrase to cover up security issues with nxt then carry on please.

And especially:
Quote
The fact is I was hacked and no body has said there is a problem with the pass phrase

You might have been angry and frustrated but the reason for ^this^ is that nobody else knows the passphrase. Until we do, nobody can comment and it will remain a probable case of weak passphrase as that is the most probable cause.



You say that your password is random to "any normal person". Would it be random to someone translating different combinations of pinyin and English dictionaries into well known phrases/literature/ordinary sentence at 'x' million attempts a second?

I don't know any pinyin but for all I know, the sample password you posted "tim cum sim prawn gin yuk bim rarl per tip pop from" could translate to "I cum in prawn salad dressing d!ck is where I pop from"  Cheesy And you just change the subject "prawn salad dressing" for each use. A bad example but you get the idea. To re-cap, no full sentences in mixed languages used?
legendary
Activity: 1372
Merit: 1000
October 06, 2014, 06:53:28 AM
#59
no it was actually in the post written by someone else noit me... I will find it tonight
Pages:
Jump to: