Nxt Coins stolen/ Hacked be warned

[gravitate]

dude tim cum sim prawn gin yuk bim rarl per tip pop from

Its no easier or more complex than that. It doesn't make sense in chinese or english trust me.

[Daedelus]

... trust me.

This is what I have been trying to avoid all along  I have re-raked enough old ground and nothing new has turned up, I'll leave it there.

[PL_CoinTrader]

This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.

[gravitate]

This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.

Thank you for your input coin trader. It is very good advice if you would give more elaboration. Lets hope that someone who is reading this is the organiser of the next bitcoin conference and they pencil you down to take the stage and tell us all about it.

[CryptoCarmen]

NXT was hacked /stolen again or this is an old thread?

[okaynow]

It is very good advice if you would give more elaboration.

"it doesn't make sense" =/= random

@cryptocarmen, it;s an old thread.

[gravitate]

WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?

[okaynow]

WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?

quite old actually.
weeks in cryptoland, are well.. quite some time,
it happened like 200 ANN ago.

It just so happens that OP used "NXT" on the title, and we have seen a surge in threads attacking NXT the past week.

OP keep your pants up mate. whats with the caps?

[Ramones]

No I mean I followed recommendations about a secure pass phrase.... I thought nxt were ok as they were at every conference I was at I got sucked in. It is the security of the coins ' brain wallet'  that I question.

you went to brainwash centers, even bitcoin conferences warn about the dangers, nxt is a scam coin token, im tired of warning ppl about it.

You are an idiot sir.

[EvilDave]

This should really be a lesson for all of you. If you are too stupid to set a strong password, you should stay away from Nxt or crypto in general. There are enough banks who'd like to take care of your money.

Thank you for your input coin trader. It is very good advice if you would give more elaboration. Lets hope that someone who is reading this is the organiser of the next bitcoin conference and they pencil you down to take the stage and tell us all about it.

Hold on a bit, guys, Gravitate is not the guy we should be whaling on here. I've followed his case, and taken a look at the blockchain evidence, and his funds were stolen, as far as I can see, so blame the bloody thief.

Heres the www.nxtforum.org thread on the current unresolved thefts:
Recent NXT thefts: blockchain info.

So far, almost every NXT theft has come back to a weak password choice, but Gravitates theft may not have been.
It'd be a lot easier to prove this if G. would release his password to us, but he has his reasons not to.
There are other possibilities left to investigate: keylogger/malware or 3rd party access to G.s PC. I'm leaning towards the malware theory.....

Gravitate has a right to be pissed off, and a legitimate reason to be starting this thread, he's not throwing FUD about, he's just genuinely unhappy about being robbed.
The NXT community is checking this out, but we're not making a massive amount of progress on finding the thieves.
If anyone else wants to take a look at the blockchain evidence and go on a thief hunt, there is a small (ish) bounty available, see the above link.    

[CryptoCarmen]

WELL IT HAPPENED RECENTLY LIKE WEEKS AGO. NOT THAT OLD?

there are just so many similar threads around.

[gravitate]

Well still no resolve. 2 Bitcoins could have been in my wallet. Now hacked through Nxt its a great shame. I suggest double auth like banks use or Trezor tech if you consider putting even a little bit of money into this.

[gravitate]

If Nxt is so big like 10000 usd should be able to crack a device to use.

[Daedelus]

Now hacked through Nxt its a great shame.

You're doing it again.

Could you explain exactly how Nxt was hacked, which part of the algo is compromised that caused your hack? Please be specific.

[devphp]

No compromised pass phrase provided = didn't happen. Spreading FUD is so common these days on this forum, but without proof it's not credible.

[EvilDave]

I posted this at the end of September on www.nxtforum.org

I'm going to take the unpopular route here and point that NXT security is pretty good, NXT has no wallet.dat file to lose/corrupt/get stolen for one thing. All cryptos suffer thefts, that can't be completely avoided. There are not very many NXT thefts, but even one is too many.

@shin: you are mostly correct: we need to be sure that newbies to NXT can make a safe, secure account.
I think that on the dev side we do need to prioritise Account Control with 2FA, and on the marketing side to keep on pushing safe password  practices to people. Password security is almost always a contributing factor to crypto thefts, and so education about passwords will help everywhere, not just for NXT applications.


I have a feeling that there are at least 2 active thieves:
http://nxtreporting.com/?ac=NXT-WTCT-N6HZ-CCKY-4MLJF
is the guy/girl with donn2012 + 71586810(at)qq.com stolen funds:
https://bitcointalk.org/index.php?topic=792600.0
https://nxtforum.org/general-discussion/help!-my-nxt-account-stolen-account-for-nxt-wczn-dgql-xm69-62l3n/
These 2 are obvious Rainbow Table attacks, as the passwords used were both direct quotes from literature.

and there is the gravitate thief:
https://nxtforum.org/general/have-i-been-hacked/
http://nxtreporting.com/?ac=NXT-URNF-7LNL-GDNW-EDRN6
and then on to the old BTER hot wallet:
http://nxtreporting.com/?ac=NXT-LSC3-VB9T-2W3V-BH7FB
I have a feeling this is not a Rainbow Table attack, but we'll see....
And I also have the feeling that there are more smaller thefts involved with both attacks.


I'm going to offer a bounty of 5000 NXT (from my own personal stash....ouch) to anyone who can help in the recovery process for the thefts above.
Talking to BTER sounds like a good first step......freeworm is the guy you need.

I would like to suggest that the 3 theft victims here (gravitate, donn2012, 71586810) take the lead in organising the chase....and they can qualify for the bounty for getting their own funds back.

Since then there have been no new Nxt thefts, so we're left with 3 guys with a theft issue, 2 of which were definitely down to a weak password.
Without Gravitates old password, figuring out how his funds were stolen is more difficult, which is one of the reasons that I suggested that these 3 guys carry out further investigation themselves.  Did you guys contact freeworm/BTER ?
There are extra bounties available for tracking down the thief or thieves, if you need any more incentive.

[gravitate]

No compromised pass phrase provided = didn't happen. Spreading FUD is so common these days on this forum, but without proof it's not credible.

Thanks for taking the time to read why I don't want to post it and thanks. There is all the proof on this thread. But obviously your accusations are far more important to you than actually making an informed decision. Hypocrites are really amusing I must say.

[devphp]

There is no proof you're not lying.