All "free offers of free STEEM" are FAKE and you WILL lose all of your money. DO NOT go to any "free offer" URLs.
Spread the word by making your own short post to tell users not to click on any links or go to any suspicious URLs. (Do not include the actual URLs)
Warning!
- DO NOT click on any comments that promise to give away free STEEM or any free offers.
- DO NOT go to any URLs sent to you in memos about free giveaways or offers.
- THERE ARE NO FREE OFFERS.
Current Situation
- Phishing and hacking restarted on the Steem blockchain.
- Accounts are being taken over by the hackers.
- Hacker is not well-versed in how the Steem blockchain works and is able to create basic 'advanced function' bots or otherwise issue transactions
- Transactions issued are a) to change the vesting route b) to post comments c) to send memos as individual transactions d) to detect password/key leaks e) to regenerate keys
Information
https://github.com/gryter/plentyofphish/blob/master/phishing.txt
This is the current list of hacked or still compromised accounts.
https://github.com/gryter/plentyofphish/tree/master/guides
Some helpful guides regarding recovery.
What to Do
If you think your account has been compromised, let me know immediately. You can reach me on Discord at GuiltyParties [.com]#5071 or at the Steemcleaners https://discord.gg/JnvkJMV (tag me or direct message me).
- If your account was created by Steemit Inc (the free accounts) start your recovery by going to this URL https://steemitwallet.com/recover_account_step_1 and using your email that you signed up with.
- If your account was created by some other service, go to that service and ask them to recover (or contact me if you don't know how to reach them)
- Check your "vesting_routes" to see if the location your account is powering down into has been changed (the hacker can power down your SP into his own accounts)
- Follow the guides linked above
- Remove "posting authority" to any dapps or websites you have authorized using SteemConnect
SteemConnect
beta.steemconnect.com/revoke/applicationname (look on steemd.com/@youraccount to see what dapps you authorized)
This is the URL you use to remove the posting authority. You can re-authorize after.
Clean Up
- Check to see if your account posted phishing messages in comments
- Edit or delete any phishing messages posted by your account
Discussion
The only way to stop phishing on the Steem blockchain is by acting swiftly and with due care. If accounts are allowed to go unrecovered or users are wasting time by not reporting phishing to the Steemcleaners or myself, we will not have a coordinated effort at eradicating this attack. There is no glory in trying to work on it yourself and keeping information to yourself; it's a team effort that must be centrally coordinated because we are dealing with an experienced phishing/hacking group. The end goal is to prevent the devastating effects we had the last few times we came under attack like this.
There are still almost 1000 accounts under hacker control on the Steem blockchain. User awareness and an instant response are our best defense and our greatest deterrents.
You may take this post or a part of it and re-post it, translate it, or do whatever you want with it in order to help get the warning out. Phishing targets users who are trusting individuals and believe that the links they're given are genuine. Hacking targets users who accidentally share their passwords or keys without realizing. This isn't intentional on their part. Warnings help to teach people to be more vigilant.
 |
Like what we're doing? Support us as a Witness.Go to https://steemit.com/~witnessesSelect or type in guiltypartiesClick VOTE if typed in
 |
