Bitcoin Forum

I only have 3 NXTs in my wallet and they are transferred to this address 10411181763421717624.
It is not much NXTs but I have absolutely no idea on how it got stolen.
Link to my address: http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=14639139826719190448 (http://87.230.14.1/nxt/nxt.cgi?action=3000&acc=14639139826719190448)

I have never sent any NXT to anyone or any exchanges. Having troubles syncing my wallet, I looked up the blockchain, only to find that it
was transferred to this address somehow. My computer is with me all the time and I have a fairly secure password.

The point here is that NXT is not secure as it seems and can be easily compromised. I was trying to get started with NXT and was a believer of NXT until now, I have no idea how it happened but I will investigate more and will update on this matter. If anyone with similar experience or any solutions, I will appreciate your insights. I am trying to assume that I have downloaded malware that steals NXTs but so far my files are clean.

Any thoughts?

What was your password?

10 chars, combination of alphabets, numbers and symbols.
Possible brute force attack but I would like to know how is it done. If the attacker has access to my network and PC then I need to do something about it. If it is just some sniffing and cracking passwords then I'd say that it is not that secure comparing to Bitcoin.

I'd guess brute force attack.. sorry about that sucks.

Make a new account and I'll send you 3 NXT

BTW i think the nxt client recommends super long passwords.

10 characters is too short, you need to use at least 50 characters for NXT.  use a random password generator to make it.

That is very nice of you. Thanks but I am not here to ask for NXTs. :)

I am more concern of the security and the future of NXT. If stealing NXT is just the matter of guessing one's password, then its security is nothing compared
to the good ol' Bitcoin.


I don't think the average Joe would go through that kind of trouble to do that, it is a good thing to have a 50 char password but it is just not practical.
I suppose more than 15 char is recommended.

My thoughts on the security aspects. If the wallet provides you with the option of having a password, shouldn't it be the second line of defense instead of being the only one ?

it says clearly that the passpharse should be at least 30.
if you made a passphrase of only 10 charchters long it's your own fault . nothing to do with NXT.

why not check out 3RD GENERATION Frictionlesscoin https://bitcointalk.org/index.php?topic=429478.0
NXT IS JUST A STEPPING STONE TO FLC

I am not trolling, but you sir are trolling.


Yes it is my fault for setting an insecure password. But I do not see what you said about passphrase length in the client.

I have an extreme password. I received 3 nxt from a faucet and the transaction appeared in the unconfirmed transactions part of my wallet.
But the 3 nxt never made to my transactions.  Why is that?

This wallet doesn't seem to work. Needless to say my address is the same and I haven't changed the password.

Check your balance: http://87.230.14.1/nxt/nxt.cgi?action=100 / http://www.mynxt.info/blockexplorer/

Perhaps your client's blocks are/were not synced with the network.

NXT requires a complete change in thinking.  There is no wallet.dat to protect. The passphrase/password is the same as the privatekey in bitcoin type cryptos!  Entering that passphrase in NXT wallet is like importing a privatekey into a bitcoin wallet.  
The more complicated your passphrase the more secure your NXT will be, and like privatekeys in bitcoin each passphrase equals one unique NXT address.  

More information on security for NXT can be found here http://wiki.nxtcrypto.org/wiki/Account_Security

A 10 char alphanumeric password is clearly too short. However OP has a good point about Average Joe who used to choose quite simple passwords.

the same to me
i have 2NXT got from the beginning i open an occunt
but one week later,it disappeared

Likely brute forced if 10 characters.

Exactly.  Been screaming about this.  It is just insane.   You can collect all the addresses by reading the chain,  then you run a brute force to see if any matches the chain.

It is crazy!!

Bastard 10411181763421717624 also stoled my 54 nxt, password was long ыbought, but only from digits 16 chars :(

Avoid NXT.

yeah nxt is like someone already having your wallet infront of them with unlimited time and chances to crack your account.... sadly a good gpu farm will rape most passwords in a matter of days unless it is way longer than 10 digits. I bet on the way to your account he cracked a few others too.

Where and when did you download the last update of the client?

Why should security be the sole responsibility of the account holder? If my house got broken into I wouldn't expect people to blame me for not storing my wallet in a safe.

Nor would I expect my bank to let someone crack my credit card pin and not alert me something was up.

Madness.

So, if your house will be broken, you will blame doors manufacturers, because the cheapest doors are not secure enough? I feel sorry for people who had their NXTs stolen, but I don't think that it's developers fault.

I think in this case,  the developer is partly to blame.

Bitcoin public / private keys have been quite secure for 5 years now.

But the developer of Nxt decides to come up with his own novel strategy that encourages accounts from being hacked.  Nxt is likely the only crypto currency where you routinely hear people complain about their individual wallet being hacked.   The inside joke is that you can mine Nxt wallets using GPU farms.

Anyway,  NEX already has made the necessary code changes to use bitcoin technology rather than the flimsy one used by Nxt.  Consider NEX like 'industrial strength Nxt'.

from here https://nextcoin.org/index.php/topic,2041.0.html