驚險48小時:我的賬號被盗了 Thrilling 48 hours: my steemit account was stolen

(image source: [pixabay](https://pixabay.com/en/work-desk-computer-night-hacker-933061/)

2018年7月13日的晚上,我的賬號被盗了。

當天晚上,我一如以往的準備發文,當我把文章排好,按下”Post”時,系統竟告訴我”Missing Owner Authority”。好吧,我都經常看到有其他Steemians都曾遇過這個問題,就打算上網找一找解決方法。等等!Missing Owner Authority? 不是Missing Posting Authority嗎? 那這個是什麼意思!?我對這出錯毫無頭緒,就嘗試登出再登入吧,但當我登入的時候,系統竟告訴我密碼錯誤!?

我嘗試把記事簿中的筆記複製一次再登入,系統都是說我密碼錯誤,然後我再試試Chrome, Firefox, Opera登入,都是同一問題,然後我就在telegram向其他steemians 求助,他們查看我的帳戶時,發現我的錢已全部被轉走了,而且我正在Power Down!!!

At the night of 13th July 2018, My Steemit account was stolen.

At the night, I was making a new post as usual. When I finished editing and submitted, the system told me that I was “missing Owner Authority”. Okay! I had seen other steemians having the same problem so I just searched the solutions to solve it in google. Wait! Missing Owner Authority? Not missing posting authority!? What did it mean!? I had no idea about it and then I log out and login again. And the system said my password was incorrect!?

Then I copy my password again from my notebook and tried to login again. Password incorrect again! I tried Firefox, Chrome and even Opera and It’s still the same result. I asked help from other steemians through telegram. When they checked my account, they found that all my Steem and SBD had been transferred and I was powering down!


在不知不覺的情況下,我的帳號原來已被盗了!眼看著接近300的Steem被轉走,還有3000多的SP正在Power Down,我真的不知如何是好,幸好這時我累積的好人品有用了,各方好友相助,有的叫我立即改密碼,但我的主密碼都已被人改了,當然不能改。然後曾經也試過被盗的@catwomanteresa介紹我到了CN區的編程愛好者群組求救,他們在了解我的情況後,提議了我以下的方法,也是唯一的方法,我希望大家都能記住這個方法,萬一有一天你遇到同樣情況,也不用感到無助。

My account was stolen and I didn’t know that! I didn’t know what to do looking at the wallet history, seeing 285 steem transferred and 3100 SP was powering down. Luckily my steemians friend all came out and tried to help me. @catwomanteresa, who experienced account stolen also, introduced me to a wechat group of CN programmers. After they knowing my case, they recommended me the following method, which is also the only method. I wish all of you may take a look. If one day you face the same incident, you know what to do.


原來,在Steemit的Menu中,有一個更改密碼的選項,進入後,你可以選擇recover account救回帳戶,只要你還記得本來的密碼,系統會在30天內發電郵給你,幫你重設密碼,救回帳戶。我心想:天呀!30天,什麼都沒有了,但這是唯一的方法,我只好跟著做吧。

In the menu of our account, there is an option of “change password”. After going in, you can find the “recover account” option. If you still have your original password and submit the request, system will send you an email within 30 days and you can recover your account through the link they send you. Oh my GOD! 30 days!!!! Nothing is left after 30 days! But it’s the only way. Okay, do it!



操作完後,我也沒有什麼可以做了,只好早點睡覺吧,到了第二天,我上網時仍經常不自覺的點了進steemit,但其實我那時不能發文,不能點贊,不能留言,什麼都不能做。好吧,就當是休息幾天不用寫文章了,盡情的看世界盃吧!當我真的打算好好休息幾天不寫文章時,第三天的晚上,Steemit系統就發電郵給我救回account了……我才剛放下心情打算休息,說好的三十天卻變成了兩天……我才剛下載了一個新遊戲,這是否不讓我玩的節奏……

總結這次事件,我一共損失了285 Steem,不過Power Down的3000 SP卻被救回了,可算是不幸中之大幸。至於帳戶被盗的原因卻是未知,可能我進入了某個釣魚網站也有可能,不過在與其他Steemians交流的過程中,我了解到我一直都用主密碼登陸Steemit,甚至Steemconnect,是一件極為危險的事情,一不小心就能被人盗取,損失慘重,是極為低級的錯誤!在此奉勸大家一句:不要用主密碼登入,請用Posting Key登入,在需要轉錢時才用Active Key登入,轉完後就趕緊登出,更不要讓瀏覽器記住Active Key!

In Conclusion, I lost 285 steem but my SP was saved. It’s the luckiest thing. The reason of account stolen is still unknown. Maybe I clicked some phishing site. I don’t know. But I found that I was making a big mistake when I communicated with other steemians. I was using my main password to login Steemit and even steemconnect. It’s actually a stupid mistake and hacker can easily hack into your account. An advice for all of you: please use posting key to login. Only use active key when you need to transfer steem or SBD and logout immediately after processing. Don’t let browser save your active key!

After sending the request, I had nothing more to do. Just wait. In the second day, I still unconsciously opened Steemit but I couldn’t post, upvote nor reply! I could do nothing. Fine! I treated it as a small break and didn’t need to write posts for a few days. Time for World Cup! After I calm and really wanted to take a break, on the third day, System sent me the recovery email……I just planned to take a rest……The said 30 days become 2 days……


驚險的48小時過去,過程雖然驚險,但也感到人間溫䁔,因為有很多朋友都透過Telegram及微信私訊我了解事情,看看有沒有能協助的地方,人間有愛呀!而擁有最大愛的你知道是誰嗎?是@oflyhigh O哥!詳情自己看:

Thrilling 48 hours passed! Although thrilling, I feel the warmth of the world. A lot of Steemit friends messaged me to see if there is anything they can help. It’s love! And the greatest love comes from @oflyhigh! I asked him if he can give me some SP if I couldn’t save my SP. He answered me that he gave all his SP to me! It’s love!


這個時候有點後悔,為何我不讓帳戶繼續Power Down,然後讓O哥把SP全給我?不知道如何我的SP真的保不住了,你會真的把SP全給我嗎?

經一事,長一智,我的保安意識提高很多了,285 Steem,就當是學費吧!

I think I am too silly to stop the power down. I should keep it and let @oflyhigh give all his SP to me! @oflyhigh, if I really lost all me SP, will you give all your SP to me?

Luckily 285 steem is not a huge amount. I treat it as a tuition fee of a web security lesson. HAHA!


Thanks for spending your time to read my articles. I like to share stories of Hong Kong. I wish you may support me and I will keep going!

謝謝你能抽空閱讀這篇文章,我平日喜歡分享香港的故事,希望大家多多支持,我會繼續努力!




Posted from my blog with SteemPress : http://aaronli.vornix.blog/2018/07/16/%e9%a9%9a%e9%9a%aa48%e5%b0%8f%e6%99%82%ef%bc%9a%e6%88%91%e7%9a%84%e8%b3%ac%e8%99%9f%e8%a2%ab%e7%9b%97%e4%ba%86-thrilling-48-hours-my-steemit-account-was-stolen/

H2
H3
H4
3 columns
2 columns
1 column
75 Comments