From my understanding, the hack was initiated through some kind of XSS attack, which is browser-based hidden code that enabled the hacker to swipe the keys being used.
We could go into detail about the technicalities of what that means, but in a more general sense it was basically a hacker STD. Yep, a sexually transmitted hacker disease!
When you interacted with a hacked user's post, by up/down voting or commenting, you would give away the keys to your account.
They would then empty your account and post under your name, hiding the secret hacker STD code and infecting other users.
This could have gotten way out of control. But the developers shut it down before some serious damage could be done.
How did I figure it out before I could be drained?.... I was incredibly lucky.
Someone mentioned that there was a hack going on in the slack, referencing a post. So I was already on guard and looking for things that seemed out of place.
I viewed this post by .
It's been edited now, but it was very out of character. I downvoted it because it looked like someone else was using his account.
I then went to look at Bittrex to see what was going on and I realized that the hack could have potentially been site wide.
I noticed that the memos (the text in red) were the same for several accounts. I also knew from reading and
s posts and interacting on Slack that they were not the same person.
Going back to the post I noticed that some of those names had interacted with the post and some of the downvotes had been removed. So I removed mine - I think I was already hacked at this point.
I then initiated the transfer out with minutes to spare...
I was probably one of the last accounts to be hacked before the site shut down to contain it, I was lucky to have access to more information than most of the other accounts.
I was just using my master password for everything. It was 30 characters long and completely random. It wasn't enough safety.
Now, with the help of a few articles….
Can you remember your Steemit password? If so, you are in danger.
Steemit - Security - Exchanges & Why - By a guy that has been in Crypto since 2009 - [NEW PEOPLE - READ THIS NOW]
…I'm signed into my account with my posting key
My master password is now 100+ characters long of completely random characters and symbols. I use a password manager.
When I want to initiate a transfer of Steem or Steem Dollars I'll use my active key to do so and then quickly log in again with my posting key. I will NOT interact with any posts in this time.
The particular hack that came about, I believe, has been patched.
...Will there be more holes in the future?...
...most likely, but if I use a posting key for posts and votes and then use my active key solely for transferring, I will likely be much better protected from any similar hacks in the future.
I was lucky. Really lucky.
If you've been procrastinating setting up your security then get on it now! The posts above will help you figure it out.
If that's not enough... read this recent post from
Compromised account @katecloud
and this whitehat (friendly hacker) hack from - who managed to break the passwords of around 500 accounts
Offline Attack on Steem User Credentials
Wake the fuck up and get it sorted!
The guides above will help you sort it out. It basically comes down to picking a ridiculously long master password, taking note of your private keys in the permissions section, and then just using your private posting key for day-to-day use.