1 comments-0 reblogs
avatar of @tj4real
6 months ago - 2 minutes read

Two months ago, my hive account was implicated in a phishing attack. I saw an airdrop opportunity that led me out of hive frontend to a telegraph page looking completely legit and all I had to do was to sign the transaction with only hivesigner. To my amazing surprise after signing with the hivesigner clone, nothing happened. It was then that I knew that I had fucked up. Luckily for me, I hardly interact with the blockchain with any of my active keys or high authority keys. So all the attacker had was the opportunity to post content with my account and further attack other victims. As a victim, I immediately started searching for my private owner key which is the only key that allows someone to change the password on hive.

My search was to no avail and I had already plagiarised some content which I was serving my punishment for with hivewatchers so I decided to move to a different account totally in order to continue writing. Today was a miracle day as I was going through my stored passwords, I realized I had stored my master key somewhere which I could use to retrieve the owner key. I immediately moved and created the owner key and as of now, I can successfully say I have completely changed my authority keys. As such the hacker has no authority over my account anymore.

I recommend we all pay close attention to signing transactions outside any of the know hive front-ends. A hacker cannot crack your keys. He can only trick you into giving out your keys. So we must safeguard our keys. I'm sorry to all who fell victim because I fell victim to this silly hack.

My gratitude goes to @keys-defender who constantly alerted individuals of the situation with my account. If not for their timely intervention of them, many more will have fallen victim. From now, I will no longer be making posts through @tj4real1 since my primary account has successfully been recovered. Long live hive.