NXT account hacked. All assets gone.

[Yuzu]

Hey, I don't even know why I'm posting this.  I'm so mad and disappointed.  My NXT account has been hacked.  All my NXT is gone.  I'm not as mad about that as I am that my assets are gone as well.  Whoever stole them, Karma is a bitch.  I promise you I will try to find you and you won't be happy when I do.  Here's the addy where they have gone:
NXT-FFJQ-RK5R-474V-E4XCD

If anyone can help me trace this person I'd appreciate it.  Thank you much.

[1714934034]

1714934034

[1714934034]

1714934034

[1714934034]

1714934034

[1714934034]

1714934034

[1714934034]

1714934034

[1714934034]

1714934034

[instacalm]

Hi, got more details ie. length and complexity of passphrase, operating system etc.?

Sorry for your loss

[MyPotPlantDied]

Sucks man, sorry for your loss. Lots of NXT hacks lately. You need to provide more details so people can help you track him down.

[Yuzu]

Sorry, my head is just reeling.  I'm on Mac OSX 10.9.  My passphrase wasn't complex enough--my own stupidity.  Kept meaning to change it and life kept getting in the way.  So I'm learning my lesson the hard way.  This is the transaction:

30/08/2014 03:07:59      21'787 + 1   NXT-FFJQ-RK5R-474V-E4XCD   10+

The asshole sold all my assets, and then took my NXT.

[instacalm]

Track whether the thief sends the NXT over to an exchange's hot wallet in the future (should he want to sell), then get in touch with that particular exchange. They might be able to give you more information such as IP. You can setup an alerter which automatically emails you when the account initiates any transactions: http://www.mynxt.info/alerts.php

Other than that please make sure to use passwords of great complexity from now on, I can highly recommend 1Password to generate and keep track of all your passwords if you're on OS X.

[Yuzu]

Thank you very much.  I'll look into 1password.

[WhatTheGox]

dam this sucks

[sx100]

Thank you very much.  I'll look into 1password.

Keepass is good too and does an OSX version.

http://sourceforge.net/projects/keepass/

[Spoetnik]

just ask for a rollback.

lol so true !

and this makes me think.. we can now so he "private" this coin really is..

see what was suggested here "anon" coin floggers see how easy the technique of cross referencing is ?
see how your stupid anon gimmick coins are a joke yet ?

edit:
i like Password Depot
but i don't think they have a mac version
it can run in free ware mode i here and has free mobile version.
http://www.password-depot.com/download.htm
http://www.password-depot.com/download-special-editions.htm

it has lots of features and was one of the best when i seen reviews first online too.
They are faster at updating the Firefox plugin compared to Kaspersky's Pass manager.

i like the tray icon.. you can right click it and select make new password.. really easy !
no reason for weak passwords these days..

[Yuzu]

NXT didn't do a rollback when they were hacked, but thanks for taking this post and making it all about an agenda.  I messed up with and didn't have a secure enough password, and I'm not asking for anything except information anyone might have.

[scryptasicminer]

It appears to have a lot of hack on NXT lately.

A 3rd party observer may think this is a coin security issue.

[Spoetnik]

NXT didn't do a rollback when they were hacked, but thanks for taking this post and making it all about an agenda.  I messed up with and didn't have a secure enough password, and I'm not asking for anything except information anyone might have.

it was a fair and quite funny joke considering the exchange BTER was hacked for NXT a matter of 2/3 weeks ago.
So in case people don't know out there that is why the joke is funny.. HA HA
(NXT cheerleaders asked for a rollback on the BTER hack)

nothing to do with an "agenda" bud lol

[Spoetnik]

It appears to have a lot of hack on NXT lately.

A 3rd party observer may think this is a coin security issue.

yup !

i agree.. seems to be a lot of security issues swirling around this coin.. not a good impression at all !

[Yuzu]

I'm a bud-ette.  I guess I just don't see the humor in all my assets being gone.  My sense of humor today is quite gone.  As for security issues, I can't really say.  My password wasn't very strong.  And other people don't seem to be having a problem. 

[manrus]

Use keepassx. Free and mac os support

[EvilDave]

It appears to have a lot of hack on NXT lately.

A 3rd party observer may think this is a coin security issue.

The recent NXT thefts had sod-all to do with NXT security, but are all about password security.
Whether its guys choosing "dog" as a secure password for a brainwallet, or server admins using the same password for everything......it's always password security or simple social engineering behind most crypto-thefts.

NXT didn't do a rollback when they were hacked, but thanks for taking this post and making it all about an agenda.  I messed up with and didn't have a secure enough password, and I'm not asking for anything except information anyone might have.

it was a fair and quite funny joke considering the exchange BTER was hacked for NXT a matter of 2/3 weeks ago.
So in case people don't know out there that is why the joke is funny.. HA HA
(NXT cheerleaders asked for a rollback on the BTER hack)

nothing to do with an "agenda" bud lol

BTER were the guys keen on the rollback, most of NXT community were against it, so Spoetnik is kinda twisting the truth here.
And, yeah, way to express some sympathy.

@Yuzu: what was your password/passphrase ?
It's been compromised, so it's fuck-all good to you now, but it'd be good to see an example of a compromised password.
Might serve as a warning for other people: Choose a very secure password for your crypto! 8 lowercase characters doesn't hack it any more.
You have my sympathy, btw, thieves suck.

[BitcoinEXpress]

It appears to have a lot of hack on NXT lately.

A 3rd party  casual observer may will rightfully think this is a coin with security issues.

Fixed that for you.

Isn't roll backs part of the unique built in features to prevent successful thefts in NXT?


~BCX~

[Yuzu]

Thanks EvilDave.  While I'm changing ALL of my passwords I don't want to put my old one out yet.  It was very simple for a hacker and I meant to change it but kept putting it off.  It was just a Word+number+symbol.  Twelve characters.  Bad, bad, bad.  For anyone who is out there reading this and thinks they have a 'good enough' password, for goodness sakes update it right now.  This truly sucks, and you don't want to be in my postion.  

[Yuzu]

Thanks EvilDave.  While I'm changing ALL of my passwords I don't want to put my old one out yet.  It was very simple for a hacker and I meant to change it but kept putting it off.  It was just a Word+number+symbol.  Twelve characters.  Bad, bad, bad.  For anyone who is out there reading this and thinks they have a 'good enough' password, for goodness sakes update it right now.  This truly sucks, and you don't want to be in my postion.  

Actually the PW strength probably wasn't the issue.

Malware and using it on other sites are more than likely the issue.

If you were too lazy to change it,

then there is a high probability you reused it or a similar variation of it somewhere else.


~BCX~

You're right about that.  I have no one to blame but myself.  Like I said, it will never happen again.  Not to me.  I'm just posting this as a warning to those who might have done what I did.

[EvilDave]

Thanks EvilDave.  While I'm changing ALL of my passwords I don't want to put my old one out yet.  It was very simple for a hacker and I meant to change it but kept putting it off.  It was just a Word+number+symbol.  Twelve characters.  Bad, bad, bad.  For anyone who is out there reading this and thinks they have a 'good enough' password, for goodness sakes update it right now.  This truly sucks, and you don't want to be in my postion.  

Actually the PW strength probably wasn't the issue.

Malware and using it on other sites are more than likely the issue.

If you were too lazy to change it,

then there is a high probability you reused it or a similar variation of it somewhere else.

~BCX~

Ah...trojans and dodgy sites are possible, but don't forget that there are also guys running rainbow tables against the NXT blockchain 24/7.
Any simple (or well known) password will be compromised, given enough time.
Had a guy on www.NXTforum.org a few days ago who had chosen a Bible verse as his password, and that got compromised pretty quickly.

The answer is simple: use a complex password, ffs. Not one that is easy to remember......
35 characters, upper+lower case, numbers and symbols.

@Yuzu: I know how much getting shit stolen hurts, so post or PM me your new NXT account (with a supersecure password) and I'll send 1000 NXT to help you back on track a little bit.