Your Steem Account gets Hacked? What to do next?

in Newcomers' Community4 years ago (edited)

recovery1.1.png

Hello beautiful people of Steemit! Lately we have seen a lot of spammy comment that offers an airdrop or free Steem token if you click on the comments' link and then the link will bring you to another site and it asking you for your MASTER PASSWORD.. Never fall for this as there are never free steem token given in the community or an airdrop of some sort by asking you to give up your Master Password.
This tactic is use to lure and making you giving up your Master Password to this bad actors and they will then get full control of your Steem account.
Then the next thing you know, all your liquid Steem/SBD token in your account being transferred to other unknown account without your consent, then next they powering down your steem power without your consent, and next best thing is they start to spam other users with the phishing comments that they post to you earlier using your account and making them the next victim..

hacked11.jpg

What to do if you are in this situation?

Now your account is officially being hacked, and you should start the "Recovery Account Process" to your stolen account.

In this post, I will guide you on how to initiate this Recovery Account if you have sign up through steemit.com.
If you have sign up through other medium/site/services please refer to those site on how to start the recovery account process. But don't worry, I will explain how to start recovery account process if you have signed up through other platforms that is not steemit or @steem as recovery account in the next post.

First step please immediately visit ▶▶🆘 Stolen Account Recovery Page page to initiate the Stolen Recovery Account Process.
You will need to provide the email address that you used when you signed up, your steem account name, and a master password that was used in the last 30 days.

recovery1.png

Just in case you could not get in touch with the email address that you used when you signed up, you may send an email to [email protected]
and provide the original email address and phone number that you used when you signed up, so then Steemit Inc can manually approve this Recovery Account Process request.
You may also send them an email to ask if the recovery account process has been approve with this email address [email protected] if you haven't heard from them for a long time.

That is all for the stolen account recovery process for users that have signed up through steemit.com or through this page Steemit Sign-up



How does the stolen account recovery process work?

If your password has been changed without your consent, then the account designated as your recovery account can generate a new owner key for the account. The account recovery must be completed within 30 days of the password being changed, and you must supply a recent owner key that was valid within the last 30 days.

Steemit Inc. owns the default recovery account (@steem) for all users who sign up using steemit.com. Steemit can only identify users by their original email and phone number that were used to signup via steemit.com.

If you don't have the master password or owner key that was valid the past 30 days, or are unable to prove that you are the original owner of the account, then your account will be unrecoverable.

The stolen account recovery process can only restore ownership of the account. It is not possible to recover funds that were stolen.
Source



Change your Recovery Account

For existing users that have sign up through other medium or platforms(not through steemit.com) please change your recovery account to someone that you trust or who can help you do this Recovery Account Process when your account is compromised. Please refer to this post on how to change your Recovery Account If you have joined Steem before March 2020, you need to revisit your recovery account, may possibly need to change it.

Sort:  
 4 years ago 

Hi @cryptokannon, @steemcurator01

As a part of Security, people have to be careful. Peoples do not try to click on unknown links, advertisements banners that receive from the unknown peoples, in such a case they can check the sender's profile and examine it, check the comment section to know how many comments they have made similar to it.

Here, maybe I am not aware fully yet but, what I am trying to understand is, Active key is an important and only one to perform any action under our wallet.

If your password has been changed without your consent, then the account designated as your recovery account can generate a new owner key for the account.

So similar to this, can I say the process is like first, it will check what has been changed without consent like Owner Key, Posting Key, Active Key and then accordingly it will generate a new key(Owner Key, Posting Key, Active Key) which changed for the account OR only change and generate a new owner key.

I use Steem Keychain which prompts me on every transaction, I mentioned about it when I visit to the newcomer Achievement 2 post which is Basic Security on Steem.

I guess now based on such experience HACKER ALERT! PLEASE CHANGE YOUR PASSWORDS STEEMIANS!! it is time that we need to think more about Security and implementation of something like second layer security like Google Authentication or provide Dynamic key(change every 1 min) under wallet like below, for the transaction while transferring.

Nice suggestion. The keychain that you use is not being updated or not operated by steem developers anymore. You may change to this one https://chrome.google.com/webstore/detail/steemkeychain/jhgnbkkipaallpehbohjmkbjofjdmeid this will be updated frequently by its creator/steem community developer.

 4 years ago 

Nice one, I was able to export from old and import it in this new one.

Is there one for Firefox, I'm on Firefox and not Chrome.

Hello dear friend @cryptokannon good afternoon
It is incredible that these people exist.
excellent information, I hope I never have to use it, but you never know
Thank you very much for the information
have a beautiful afternoon

Thanks for noticing this and read them.

 4 years ago (edited)

Thanks @cryptokannon for the information and please people on steemit let's take precaution

 4 years ago 

Awww that very nice information for us
Thank you soo much
I have read it all and I have really appreciate that so much @cryptokannon

Muchas gracias @cryptokannon, gracias por el contenido de calidad y por el apoyo! Saludos desde Paraguay.

Thank you very much @cryptokannon, thank you for the quality content and for the support! Greetings from Paraguay.

This is an excellent step by step explanation. Good work

Very nice post.

Thanks crypto Kannon.

Thank you for posting this valuable info for us!

 4 years ago 

Thank you so much for this information @cryptokannon. Truly helpful!

 4 years ago 

Hello dear friend @cryptokannon good afternoon
It is incredible that these people exist.
excellent information, I hope I never have to use it, but you never know
Thank you very much for the information
have a beautiful afternoon

 4 years ago 

Help me.