I considered that (message/encrypted message) … but then decided not to use it. Because if someone else guesses the password, then he sees the message too and can claim the funds. There is no easy way how to distinguish real owner from impostor. Now if someone else guesses the password, all he sees is an account with empty balance, which is not interresting for the bad guy. Real owner knows that it is a “theft” and has motivation to get his funds back.
2 Likes
No bot. Just checking generated addresses for non-zero balance or public key present. I found dozens of addresses like this, mostly with small amounts. The danger here is that they will be used in future for some serious funds. It would make sense to spam those with warnings now, since the damage would be minimal. I am willing to give those addresses to a volunteer who would spam them (I am not sure, if it is the right approach though, because the message is like a red flag for a future attacker). Now I have no time for this, I have a real life, too, you know 
So far I “secured” 3. One was already refunded, other two with smaller amounts are waiting. Pitty, I joined too late for this guy @findcoin (check his address now - the attacker even send him back his password and private key).
As of now, this is manual process and I don’t have time nor want to automate that.
Also, my 40-lines of code are not optimalized and running on single core. Very slow process. The bad guys are far more effective, Again, if you reccomend me a trustworthy volunteer, I’ll share my approach and we can split the work.
I think that such things are very good things.
There is only one problem, Japan’s law that I live in.
Personally, as a white hat hacker, I feel like saving my personal money in the future.
And I can do Full Time Commit. I think that I can respond quickly.
Thanks
1 Like
Help me please too. My nano wallet (brain) hack. Please help me return my nem. Thanks
Please provide some details: your NEM address and/or transaction hash.
NBUZHA-QIJSHM-I2ZDQX-FNP7DD-Y3ZNL3-YD4UTL-4USB
7de7e987f92d7d11495d3f4fa3cdae43f465a512623e73ac1ca3e9784f833acc
-58.483 NEM
Sorry, I can not help you with this one.
Interesting fact: this account: http://chain.nem.ninja/#/search/nbt3qy-glml4f-vyn23m-mp3nyo-mfky5x-74dba5-vatx (recepient of the transaction) is the only cosignatory to several other accounts, all of them with weak brainwallet password. Did he rob them all too?
Now we know for sure there are several people searching for weak brainwallet accounts. Maybe would be worth if the comunity helps “follow the money” - i.e. the recent @findcoin’s robber (http://chain.nem.ninja/#/search/NDFUCB-7A2FZB-VMGPTG-PETYHH-TYUBXX-BCOQP2-WSIV) leads to Chagnelly(?) after several transactions …
I examined this NBT3QY-GLML4F-VYN23M-MP3NYO-MFKY5X-74DBA5-VATX when there was a previous hacking report.
This hacker is trying to be a signer of a hacked account after hacking various accounts.
This time it seems that it is not doing it.
how did he not do it?
explain how
Basically, I accumulate funds in this account.
It is about 200,000 XEM accumulated. There is only 700 XEM withdrawal to other accounts.
Withdraw to NBQEYU-UCLQ5N-LTMZAW-G3VVYW-VRT6KD-D2SXHE-JLD5
http://chain.nem.ninja/#/transfer/6f4a28cacaf9a984b2fba3473d62138e88ce0f523e2ae9caff767cb096b7fce5
http://chain.nem.ninja/#/transfer/e45aa6fb263fda7cdc67f44e6b91f279be4587d7746f4d2c073ec308e50954a5
Among 700 XEM, 499 XEM is remitted to Changelly.
http://chain.nem.ninja/#/transfer/b4825580bf18076f23bcea265f6a62f14afc6cf55341a9e474d983340b54a828
If you do a survey, there is no way to ask Changelly about this transaction.
(However, there are possibilities of fake as remittance is small.)
The criminal is remitting 5xem to me. Completely it has been played to the criminal.
http://chain.nem.ninja/#/transfer/d188126bc3028e3b36dd5ee8fe20b0ea1edd2faec4220f6e02691d7da117ce3b
what should I do?
I can only ask you about Changelly.
Please let me know that the stolen XEM was remitted to Changelly.
That transaction will be here.
http://chain.nem.ninja/#/transfer/b4825580bf18076f23bcea265f6a62f14afc6cf55341a9e474d983340b54a828
I think that Changelly knows best about what we can get with this information, so please ask for directions.
Changelly Email address: support@changelly.com
I think there is not much you can do. There is only one lead - a Changelly withdrawal of 499 with 8f887840957411e7b3a7b3d76ec6c9c2 message. You can try to ask Changelly, but don’t expect anything. You can try to report your case to your local authorities - at least there would be a record somewhere for future reference, again, I wouldn’t expect much.
(frankly, my local authorities would laugh at me - in the rare event if they understand what I am talking about in the first place)
1 Like
hi congratulations you do a great job
I live in brazil and I have lot of free time
I use nem wallet+ android with a 32 strong password can you check my adress NDZGDE-3ASPDQ-I5P544-S33PEB-G4DE7C-3HCBN6-PP2E if is safe.
in this moment no funds there
if you want I may be a volunteer for help these guys to protect himselfs
paulo
You are not using a brainwallet, so your account can not be bruteforced.
Your account can still be hacked if you download a malicious app.
While having a strong password is important, it is also important to keep your device free of viruses.
I suggest storing XEM offline in a paper wallet with private key if you are storing XEM long term.
thanks