Important Security Announcement: Steemit CEO Ned Scott

in steemit •  8 years ago 

Steemit was today subjected to a cyber attack. In the attack, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.

The hack has now been contained. User accounts and wallets are not at risk, and we hope to soon reactivate the Steemit website to normal order. Any users whose accounts were compromised will be completely reimbursed.

Though only a relatively small amount of Steem was stolen, we take any form of criminal activity against our community extremely seriously. We have reported the hack to police and other cyber crime authorities, including the FBI. A full, internal investigation is currently being conducted and we are working on an immediate solution.

Partner exchange Bittrex was informed of the compromise and is actively helping the investigation. As a precaution, they have temporarily suspended the ability to deposit or withdraw Steem and Steem Dollars from their exchange. The suspension will be lifted as soon as possible.

Thank you all for joining us on Steemit. We apologize for the temporary disruption of services and look forward to resuming operation of our social network.

Regular updates will be provided here on Steemit.com

-Ned


This article should mention that the Steem protocol (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. This hack is a website hack where a hacker stole funds and account credentials, and not a hack on the coin itself, at least according to the best information available when this article was written.

The Steem protocol (the "coin") was not hacked this time. I own Steem coins and would like to move them offline to a wallet to store safely, but alas I cannot find a wallet. If someone knows where, I would appreciate a link. Thanks in advance.

  ·  8 years ago (edited)

Have you looked at Bitshares Openledger? They let you buy and sell OPEN.STEEM that you can then turn into anything of your choice via a service called Blocktrades. You own your own wallet in the form of a "brainkey". The Openledger network runs on an MIT-designed blockchain dubbed Bitshares and is backed by BTS (the underlying currency is Bitshares). I am coindup-hasho on OL.
Use my referral link https://bitshares.openledger.info?r=coindup-hasho

My recommendation would be to join Github, but this is what I found https://www.offgamers.com/buy/steamwalletcard.html

Very good point - the platform itself was not compromised, which is great.

Which also means that a hard fork can't fix it.

I'm glad to see that too. Platform should develop no matter what happens.

Should people with big holdings consider changing their owner/active keys?

My guess would be whatever key you login with may be compromised, but I have no clue as to the hack details.

Great point

The lesson (re)learned is to use a secure password that is difficult to guess. Also, I am hopeful that two factor authentication makes its way here soon.

ttt

ttt

Do you know how the attacker got in? I assume they altered the javascript to exfil private keys, yes? How do you know how many accounts were compromised? It might be wise to cycle everyone's keys at this point. I'll definitely be updating my posting key.

Yea, I was thinking something along these lines as well. XSS to grab a js token. I haven't looked into the site code, but I seriously hope they're not using js tokens and are instead using http only cookies.

At least it has now been compromised, and from this experience Steem will uplift their security. Lesson learned.

Now that Steemit is in everyone's crosshairs, #3 on the top cryptocurrency list, we need to take development and security uber seriously. We should have 2-factor or phone-based (Coinbase does this) security features. Thanks for your updates.

and an account page so we can link our email and be able to change our passwords, and a "forgot my password" option for the site

That does nothing for site security, and actually puts individual users at a higher risk, as their email is now an attack vector.

  ·  8 years ago (edited)

I could not agree more. Now that the solution has scaled and already has a dedicated consumer base of thousands of users, it will immediately attract unscrupulous eyes and unwanted attention as hackers will be interested in extracting some illegal value for themselves. Any cryptocurrency with a Top 5 market cap needs to be especially careful, not just from an authentication standpoint (some users have suggested implementing a two-factor authentication module for Steemit, which would help but that is only the beginning), but also from a regular site audit standpoint; these cryptocurrencies need to invest in the proper business continuity planning and disaster recovery management solutions, as well as ensuring that they have access to cyber security and digital threat forensic experts to help 'stress test' the system. This is only the beginning and there will be more and more attempts going-forward.

One last point worth mentioning, the actual Steem cryptocurrency was not impacted or attacked in this particular incident, it was only the Steemit.com website and that has since been corrected by Ned and his team.

Long live Steemit!

I don't think 2-factor auth would have helped in this scenario. It seems like the server hosting Steemit.com was compromised.

Unlike other crypto, Steemit's cryptomoney is mostly custodial. Since Steem Power is locked up for 2 years, that may greatly slow down a hack but like the DAO has shown, a slow mo train wreck is still messy. This platform is way too cool to go down in flames. We really need world class security going forward.

Don't forget, the Shapeshift theft was by an insider. Yuge lessons to be learned there too.

2-factor, definitely. This was a wake-up call to get serious. You can spend a lifetime creating a good reputation and lose it all in 5 minutes.

And if anyone on Steemit is re-using passwords... please stop doing that. I bit the bullet a while back and started using KeePass (open source) password manager. I have mega strong passwords on my Steemit keys and everything else important these days, and so should you.

Remember, your Steem Power and bitcoins just may be your retirement fund.... protect them!

Great job @ned and the rest of the team. Good action taken, looking forward to the future!

  ·  8 years ago (edited)

How did they hack those accounts? Key-logging so they knew people's passwords? Or did they harvest stuff from reddit, and the users who were compromised used the same passwords as their reddit? And will the people concerned be able to change their passwords?

My respect for being honest and clever about this. I've informed the millionerds of https://stakepool.com about it; they are happy as well.

We believe in you guys, keep on keeping on!

millionerds

Maybe the Steemit website needs 2FA? I was wondering why it wasn't an option for my profile?

I mentioned in the Slack channel a week ago or so that I was concerned that we are starting to pile up funds and we could become a target like the DAO. I suggested 2FA and limited-login-attempt security; I haven't tried, but I don't think you get a time lock if you enter the wrong password too many times. Also, articles that provoke other media platforms are dangerous and make us a target while we are still in incubation.

The coin price remained stable luckily and most of the damage contained..

Regards,

Ricardo Goncalves (BNC Steemit Community Manager)

Correct me if I'm wrong, but 2FA does not protect against cross site scripting attacks, does it?

Hi @Scrawl I'm not a dev so can't answer that. Thanks for bringing that to our attention though. Most exchanges use it, so in my mind it has some security benefits.

I totally agree 2FA should be implemented!

There are many ways to log in which are more secure. 2FA probably wouldn't have any significant impact on security. Multisig already exists and you can separate your owner key password from your poster key.

So I suppose you can improve on this technology by allowing a third party to hold a backup key in case something bad happens or something similar to this.

How about limited login attempts to prevent brute force attacks? Someone could possibly hack the main owner password if not set securely enough by the user? What do you think?

I am new here, but excited about the project. Is there a guide somewhere that explains the best way to secure one's Steemit balances, especially if they grow somewhat large? Or is it just a matter of using strong passwords? Where are my private keys being stored when I sign up? Any other security tips would be greatly appreciated. Thanks!

I'm probably not much further than you are on this new platform, but you can find your keys in wallet/permissions. I changed the passwords that access my keys this morning. I use a password manager (KeePass), and they are strong passwords, but easily accessible to me on any of my gadgets.

I'd like to know the difference between 'active key' and 'owner key'. Anybody?

I consider measures like these a must. I develop a number of crypto services that hold users' funds; security, even the basic stuff, can't be taken lightly. My general guidelines tend to be: don't inform that the password/username is incorrect, simply state invalid credentials. Lock the account for 5 minutes after 5 invalid login attempts, don't notify on the login screen that this has taken place, notify the account owner via email. Enforce strong passwords. I tend to be making 2FA mandatory now also.

Or completely overhaul the login system altogether. I demo'd a proof-of-concept user registration/authentication system using Jumbucks addresses and cryptographic signatures; all wallets have this functionality. The user provides a username and address on sign-up, nothing else is required (email optional if they want notifications), and the user verifies ownership of said address by signing a random token using their wallet. To log in, the user enters a username, a random token is then presented, they sign the token using the address they provided on registration, and boom, they're in.

I was wondering why this wasn't an option also.

You're not legit until someone tries to hack you these days :)

You guys are kicking ass! Keep doing what you're doing, and keep building a fantastic community.

Transparency in this type of situation is more than we can say about the US government these days :)

Cheers!

hahaha so true :D

Welcome to the club!
-The DAO

Except that we didn't need a hardfork for this.

Nope, you just lost the money forever.

Lol at this guy.

I can imagine the DAO hacker saying "oh boy, just nabbed a boat load of Steem Power... in 2 years, I'm gonna have some real fun!".

See this here is the kind of transparency not normally seen in crypto. Bravo you all. Bravo.

Wow. So Cool. Posting from CLI. LOL..

Thank you for your quick actions. My immense confidence in you and your team has only increased as a result of your handling of this situation.

This post and the way the Steemit team handled the incident are admirable. With the current userbase numbering 26,000++, we should all realize that Steemit is comparable to the fetal stage of human growth. Weaknesses and attack vectors need to be identified and rectified. It is much, much better to discover these ASAP, instead of having them in the future when Steemit's userbase has beaten FB's 2,000,000,000++ registered users, by which time these kinds of attacks would already be gigantic, if not devastating, things to resolve.

So I would like to congratulate @ned, @dan and the whole team instead, for having handled the situation with a lot of grace and by doing so, might have mitigated future bigger attacks.

Here looking up on you guys. -east

Thank you for the great communication. Finally back on, I was having withdrawals and I've only been here a couple days.

Glad to see the site back up and running! It's quite commendable that you are reimbursing anyone who lost $ during this hack. It should inspire some confidence in people to stick with the platform for the long haul. If another layer of security could be added, it would be great! Cheers!

Thank you very much for confirming this and for your openness. Your ability to reimburse if needed also says a lot about your team. Respect!

Wow, this is extremely disheartening, but at the same time it has given me more confidence in Steem. Why, you ask? Well, it is simple: the hack was not directed at the actual coin, but rather at individuals. These individuals probably had some security flaws already.

Anyways, I am here to stay!

Why was the Politics topic link removed during the hack? I find it funny that my article regarding Decentralized Globalization was starting to trend just as this happened.

Here it is: https://steemit.com/politics/@senseiteekay/globalization-through-decentralization-fixing-the-world

I'll give you an upvote for being slick lol

Seriously, this happened. And as of 6 minutes ago someone's gone and posted the exact same content.

https://steemit.com/steemit/@senseiteekay/something-fishy-is-going-on

This article is trying to coin my idea straight after the hack has been patched: https://steemit.com/anarchism/@keithsmih/we-don-t-need-taxes-where-we-are-going

This is some bullshit.

You are implying that the hack was somehow to stop your articles from getting traction?

Not specifically but I am implying that's what happened. The critical theory I posted is articulately laid out and dangerous to those in the high tower.

Guys, I'm not sure what kind of cyber attack it was but I think Steemit community has a lot of motivated engineers and security experts that could have potentially eliminated the problem BEFORE it really occurred.

Any plans to open the source code of Steemit website?

yeah whats up with that

I can recommend https://zensoft.io/solutions/blockchain experts in security and blockchain development

@ned we're all here and waiting for more information from you, we hope the news is good for the future steemit, cheers

Wow. How much sleep did you guys have in the last 24h?!

Looks like you've handled things well, that is a very small amount stolen.

Would be interesting to know how they got in, was it a cross site scripting vulnerability?

This hack is a good example of why we need more clients for Steem, preferably open source. Steemit.com being the only usable portal into Steem is hampering the decentralization aspect. Is there someone working on alternative clients?

Let's hope... As awesome as steemit is, there needs to be more decentralized platforms to utilize.

STEEM: The only website in history that made (as of this writing) $1,651 off of the announcement admitting they were hacked and accounts were compromised. #legit

Bahaha so funny

I hope Steemit Can be tightened, for the convenience of the public and provide steemit better comfort for the future ..

I am proud of how quickly Steemit overcame this attack!!

@steemed @Ned

Great response from a real person in charge. I applaud you and your team for informing the community so quickly.

Vote for Pedro!

Wow. Thanks for the teamwork Bittrex!

  ·  8 years ago (edited)

Ned, thank you for 1) disclosing the nature of the issue, 2) promptly communicating and providing regular updates, 3) disclosing your defense strategy and reiterating that Steemit will maintain a zero-tolerance policy for criminal activity on a decentralization platform (this is absolutely critical for the future sustainability and growth of the Steemit ecosystem, especially in light of the recent dark web and related crypto markets; brand equity needs to be cared for) and 4) for ensuring that a more secure system is in production within 24 hours and for immediately containing the threat while doing your best to minimize impact to thousands of other users; the fact that the hacker(s) could only access 260 accounts is indicative of a unique technology structure that you have all implemented in Steemit; bullet proof!

I wrote a blog post on how timely and professional the entire Steemit team have been with its first hack; https://steemit.com/steemit/@bismail/what-happens-now-with-steemit-keep-or-sell-steem-my-thoughts

Hi,Ned!Can you tell all in video?

I still want to put some $ to my wallet. FU hackers

encrypt the sh!t out of your keys ;) lol F 16, mine are like 30 digits long for the important ones

good idea

  ·  8 years ago (edited)

Kudos to the team for containing this quickly and being so transparent with it - congrats for that and thank you! Everybody should change password just to be on the safe side.

I'm glad it's only a small attack. Ned and the team are the best at what they do. We will have to treat this as something like a drill and come out the other side stronger and more robust as a community.

Great that you were able to contain it so quickly! Steem Power!

Thanks for the explanation, excellent work

I like to see that you guys were quick to stop this attack I was impressed keep up the good work Steemit team.

Thank you for being honest about this. So many other coins and exchanges try to hide it from us.

Thank you for your hard work , we are here for you!!!

Thank You very much for letting us know and giving us information!
It's a pity that new innovative and growing startups are attacked by the dark forces of the net! But that's life. You'll have to expect this and be prepared!
I hope You'll find and solve the problems soon and are able to make steemit a better and safer place as a result!

I'm intrigued that the STEEM price hasn't been negatively affected by this yet. Maybe people are just used to cryptocurrencies getting attacked and stolen, and so they don't freak out about it quite as bad as they used to.

It hasn't been affected because all the exchanges have frozen trading

Trading is still active, just no deposits/withdrawals.

Are there short sale markets for Steem?

I think it makes sense for the price not be affected - this was an isolated attack on a few accounts with only a small amount stolen. The Steem protocol itself was never compromised. The faith in Steemit is still there as the team responded very quickly and contained the attack.

Even if the hacker got his stolen funds to Bittrex and was able to sell, $85,000 (128 btc) of sells would only drop the price by 2-4%.

The majority of all Steem is in Steem Power so it's secured against theft even in the event of a hack.

My point was about panic selling, not so much about dumped stolen coins.

Hopefully events like this do not happen anymore, because everyone has a comfortable start with steemit.

Great to see this being handled openly and professionally. Thanks for the update, cheers!

Pssh, it's cool we got this brah. Easy steemy.

The Simpsons - Season 20, Episode 18

Thanks. How should we change our password? On the permissions tab I see 4 distinct keys. Thanks!

Thank you for the update!! Good to have you back!!

Sadly this is starting to get too frequent in this "blockchain thing". Like in The DAO, another hack happened. Thanks for the info, and I hope you can find the guilty and recover from it in a smooth way. This project seems promising, and the idea of it is purely awesome.

Success is always targeted, keep up the good work!

How can we tell if our account was compromised and if they got into it? I just checked mine and nothing is missing at all.

I take things like this extremely seriously. (But, then, I take everything extremely seriously.)

I have a fair few tools for hardening websites against intrusion and have previously developed software for secure sites. Unfortunately, Javascript was not an area I focused on. However, anything I have should be considered at your disposal.

Yeah, but the reason Steem was targeted in the first place is because they're just like Bitcoin and people are making money faster. Steem is ranked third in cryptocurrency, but I think people get it already.

Hope it's true.
And in general, I propose to establish a fund, to combat such attacks and for payment improvements. We must not let history repeat itself as with the DAO.

join to telegram.me/steemit_en for discussions

85,000 dollars isn't too bad compared to what has happened to other cryptocurrencies.

Very important to distinguish the fact that Steem itself (the blockchain technology) has not been hacked. The website on the other hand is vulnerable and perhaps more effort should have gone into checking it but then no one expected Steem to rise at the rate it's rising so maybe there wasn't enough time.

Good job containing the attack and resolving the issue.

I hope everything will be fine and you will cope with all the obstacles that stand in front of you.

That's when you know you're doing something right... the moment someone tries to tear it down ;]
Keep up the excellent work, this will only help fortify the community & platform. Thanks for the 'security check' douche-bags... whoever you are.

Steem has gone up too fast on the podium of the cryptocurrencies and should work more on security. It seems incredible that after what happened with The DAO, no appropriate action is taken.

It's a funny world when, due to the mass theft in recent times, $85k is a good result.

I wrote it yesterday - https://steemit.com/die/@boyarov/steemit-will-die
and nobody trusted me...

People!! See this... try this and tell me if it happens with you too!
https://steemit.com/money/@rcmdantas/how-to-double-your-deposit-value-in-steemit-com

This is something that was missing in our world. Great idea.

First website in history where a company admits that accounts were hacked. I like it!

Thanks for the announcement. We feel more secure now.

They probably dumped the whole website database. Can you force a password reset? But you didn't find the hole, from what I get, so even if you reset, the hacker will be able to compromise the accounts again?

  ·  8 years ago (edited)

Good job!

Thanks to the Steem team. I worried very much, but the quick decision and solution was reassuring to us... Bittrex too.

Nice to know the SteemTeam were onto this so quickly, and that it's been taken so seriously!

what?

nice job steem! protect us

Hey Ned, we really appreciate your quick response and transparency on what happened. Honesty is always the best policy, and this speaks to the people behind Steem and why I am even more excited than ever before!

OK bro! We'll try to do everything right!

Transparency & Integrity

Ned, thanks for the info. Having only jumped on board in any real way with Steemit today (an intro post), one thing that strikes me by and large in the crypto industry is transparency, and the communal willingness to shape a pro-active and fair outcome. Everyone has an opinion, and many the willingness to express it, for me that is great stuff.
Many folks that I advise to start adopting cryptos point to hacks, and the loss by many of much. What they often fail to recognise is how badly the banking industry is constantly under attack. Very little of this makes the public ear, for an obvious reason: loss of faith in an already damned industry.
While the powers that be point to having to control the masses, I point out how a consensus based community reaches a fair compromise. Ultimately, humanity will out and I for one appreciate that in a brave new world, a willingness to reveal weak links, will in the final analysis, grow a stronger chain. Kudos.

Thanks for handling this smoothly, I'm impressed :) Hopefully the FBI gives a shit, especially now that we at least know which domain was being used to exfiltrate data (steemitDOTuk). I recommend everyone focus on improving their own browser security, install plugins like uBlock and uMatrix to prevent XSS attacks like this..

It's the perfect time to buy in. I think this was done on purpose. The price is dropping for the serious big-shot investors, so we're waiting for the coin at 1 steem = $10, and after that I predict a run like Bitcoin's. Let's buy!

Great job on containing the attack. When good is happening there will always be the bad that is going to come after it. Lets get back to steeming and grow.

Back up and running in 10 hours :D great job lol, just a hiccup when compared to the ETH/DAO fiasco.

Cheers to you guys

Perfect time to buy. Hooray!

Wow, that was really unexpected to me... never thought that someone would hack a website like this.

Great job @ned and the rest of the development team for the fast action on this attack! Really appreciate it!

I have 24 votes on a YouTube video and got 0.02 dollars for it. Is that right? I also got a text with 19 votes and 0 dollars. :/

To all Steemit users:

If you have not done so already, please reset your account passwords. We ask this to ensure that everyone's account is secure. Remember that each account has 3 keys: an Owner Key, an Active Key, and a Posting Key. We recommend following best security practices by choosing unique passwords for each of these keys. This will allow you to safely use steemit.com with your Posting password.

As mentioned earlier, any Steem or Steem Dollars stolen from compromised accounts will be fully refunded by Steemit.

Thank you all for your patience and support through this process and for your wonderful contributions to Steemit.

I don't post every day, but when I do, the fkers cyber attack the whole network.

Steem should hire a hacker to stop the hackers. To all whale Steemers: don't give up on Steemit!

called the cops, called the Fire Department, called pizza hut, called the USN, called the Royal Navy, called the Red Army, called the FBI. called the CIA, called Interpol, called the KGB, called the USMC, called the USAF, called the Royal Air force, called MI 6, called Scotland Yard, called the US National Guard of every state, called NYPD, called Obama, called the Queen, called Putin, called David Cameron, called every Governor of every US State, used my time phone to call Winston Church hill, As well as Hitler, Stalin, Theodore Roosevelt, George Washington, Montezuma, ever Caesar, and Gilgamesh, called US Army, called British Army in every era, called every phone sexline, called papa john’s, called the US Coast Guard, called my State Senators, called my Senators, called every republican in the US, called Dr. Who, called the Pope, called my local Gang lords, called the State Patrol of ever state west of the Mississippi, called all of my local news channels, called Star Fleet, called The Sun, called The national enquirer, called CNN, called Scot Pelly, called Steven Colbert, called half of the Mexican Drug Cartels, called Nintendo, called the Japan Maritime Self-Defense Force, called the head of the Illuminati, called ever free mason, called bilderberg, called my neighbors, called the mayor of ever city in France, called my mom, called the Emperor of Man, and called every school district in Canada.

When I go to submit a story, it won't let me post mine; the "Post" button is un-highlighted.
Anyone know a fix for this?
Please help me!

As much as it can't have been fun to deal with, this is a textbook example of how to communicate with users about a compromise. Explain clearly and concisely what happened, how it affects users, how it was resolved, and what you're doing to ensure it doesn't happen again.

Account hacks are never a good thing, but I actually feel quite adequately reassured that both this platform, and the steem currency are in good hands here. Great job, admins!

Great job @ned and the rest of the team. Good action taken to secure steemit.

Any news on the reason for the second outage? Was it just the implementation of the Hard Fork? https://github.com/steemit/steem/blob/54337e4eae639aaf1150611923ea1e04693905e6/libraries/chain/hardfork.d/0_9.hf

Thanks so much @ned for fixing the problem so fast and for all updates on slack ! So , you reported to FBI . Do you really think this would help this platform . Just wondering .

It would be best if there is an authentication step needed before accessing the account. Having two-step verification is highly suggested.

I second this, I use it on every site that has the option to.

hot news

Website is still glitchy.

The site is nonsense. The main thing is that the blockchain works without problems. So we'll fly to the moon soon.

Is it ok to post steemit icon and promote .
yes or no

Not sure why so many people are upvoting this...

Maybe because he/she has a good reputation, or is on the Steemit team.
#CMIIW