Under Investigation , You have give / used with Steem Amal
steemauto.app and this App is Not Safe.
This App is Compromise and The Owner is Steem Supporter
He is running witness and was using Everyone Keys to vote on all his account.
Please be sure to REMOVE steemauto.app on All your Accounts.
This, I think, is the best explanation to what happened,, thanks.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
The account was just recovered by the steemit team and support from @steemchiller (thank him very much for the endless support)
I need to recheck everything ups again
thank you for your concern @quarantine and my friend @aneukpineung78
How is life back there, I am in Banda Aceh, if you are in town, we may have some coffee during the break
Regards
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Very fast Recovery.
Make sure you take out steemauto.app
This will happen again as Steem Support is unreliable and will find any oppurtunity to access any accounts he can get hold.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I don't understand how this can be linked to steemauto, can you explain please?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I am now living in Banten as I told you before. Life is like always, cannot complain, if you knew what I mean.
I don't see myself in Aceh in nearly time, but thanks for the offer for sure.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
We used to use steemauto for our community curation and never had any issues. If I remember correctly steemauto never had access to any keys. Since that was our first concern too so it seems to me like this was a key management issue?🤷🏻♂️
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
What do you know??? @tomoyan
Please Read
https://steemit.com/steem/@jayplayco/warning-please-remove-your-post-auth-from-steemdb-online-autovoting-service
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Yes we did this and removed post auth.
But that’s why it doesn’t make sense that masterkey was stolen🤷🏻♂️? Anyway…idk
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Dear @tomoyan, @steem-supporter, @the-gorilla, and @quarantine
I don't understand at all how the master key could be compromised since the master and owner are never used at all times during transactions of the account and it is saved offline. As it was recorded the thief used the owner and changed it before he/she perform the transfer. if someone thing it is because of the auto vote service, steem.amal account never uses the auto vote service, so then it is not an issue at all.
it is still a big question for us, it is the second time happened to steem.amal account. The first one was someone changed the posting and active key but it can be controlled using the owner/master key. But, this time they took over all keys.
For ur information, I have had the experience to recover multiple stolen accounts (at least 4), and all of them never use master and owner keys when they click the phishing link or access their account. But still, all their key was compromised.
We may need to consider the new method or other possibilities the cracker/hacker used to access the account.
Do you have anything in mind?
With my best regards
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I wondered the same thing which is why I can't understand the association with steem.auto.
I don't believe that you can change the Master Key with just the Owner Key (although I could be wrong) so it appears that you have had the Master Key stolen.
Which leads me to 3 possible scenarios:
I'd also consider your reasons for keeping so much liquid SBD and STEEM. I'm sure you have them but consider splitting large amounts across multiple accounts - the remainder of the power was "saved" because of the 4 week powerdown period.
You have my sympathies, I can only imagine the pain that this has caused.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
My preliminary investigation was the first PDF was saved in the email, and the email was not safe at all, the access key was only kept by 3 trustees persons. They were all panicking contacting me to do any possible thing to save the account.
My last computer has been clean out before I handed it over to my wife. My big regret was the SBD and Steem did not keep in the "Save balance" as they should be.
if the case is my computer, I don't have any key stored in this new computer or phone, because I never access the account using this new computer at all till yesterday.
So my best guess was they gain access to the email used to create the account and find the pdf file there, it is the easiest way to get access since the password of the email is not strong enough.
what all of us need to be concern about is finding the real cause of how someone else could get access to any account, to protect the entire steemit system and avoid miss understanding the user for the platform security issues.
I thought (if this is possible) for the steemit team could find a way to track down the thief and freeze the account so then they can not do any transactions.
can you do an IP address track of the thief account to find out from where he came from and let me know to my discord channel? @el-naillul3044
Thank you for your sympathies my friend, best regards
El-nailul
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Unfortunately, I don't think Steemit will do anything. We've seen stolen money transferred through accounts before and I don't remember Steemit ever freezing an account in order to stop the funds being withdrawn.
The only suggestion I have is to look at the user of the account that has stolen your money and see which exchange the money is moved to. Once you've established that, you could phone the exchange and explain that one of their users has stolen your money (you can provide evidence of the transfer out of your account) and they might be able to freeze their account and retrieve the money for you. I've not heard any stories of this being successful either but it's worth a try - I fear that once it's gone, there I've seen little to no appetite from anybody to help get it back 😢
It's also my understanding that IP addresses are not recorded and if they were, I don't think anybody would ever admit to it. I think that your best hope is to first report the theft to the police and then to contact the exchange which the thief uses.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
@el-nailul
@quarantine have done investigations for years on Hackers / Phishing.
Example Accounts
@wwefun @richardman
Have seen how it was done.
Using App can also be Storing your passwords.
You do not need to expose your passwords, there is way this ppl will steal it.
By lodging into their App.
Under Investigation Steem amal have use Steem Auto App.
If not Why would I said that.
I am busy , If you don't believe me then don't take my words.
Have A good day.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit