Please stop using brain wallet! and Refund to you

@mizunashi decides what level of “confirmation” is sufficient. If it is “small” amount, just the fact that someone is both complaining and knows the password is enough. For larger balances, he may want him to step out of anonymity. Of course you can never be sure, if it is the real owner or an impostor. But if someone else wants to claim the same address later, at least there is real person to blame then. (Evereyone is welcome to suggest better solution :wink: )

1 Like

Report matter:
Today, I received the following payment in the deposit pool account.
I do not understand this deposit.

dim.coin 19,480

http://chain.nem.ninja/#/transfer/542730e68e387633857bb27d198b6ac00079a243e77fcd329f07ac6784858fb0

I asked the people of White hut hacker that they have not confirmed all of them, but they said that they did not make this remittance.

The sender’s address is below.

http://chain.nem.ninja/#/account/NDITFGFUTRO7P3UPZSWQBTC7OUIYJSG7SU6OXE6C/0

With this address, you can check the address of Black hat hacker at the address he are sending/receiving.

NCWPLQ-CVARBY-XXPCC3-KDAZUQ-4MNL2L-NS7YIR-M2XU

I do not know what kind of idea he is sending money.
First, we have issued a warning sentence to the remittance source.

1 Like

I will inform you that there was a refund of 1000 XEM from Black hat hacker.

Hacker is trying to get me down, but this 1000 XEM would like to use it for refund to the victim who this hacker robbed.

The funds were sent to my personal address.

http://chain.nem.ninja/#/transfer/22f9f76ac88382bdacec43b595de7cd986a415e9112045a92ad0f10d4bbc900b
The Russian language of the message is written like this.

Спасибо за помощь. Вот ваша доля, как мы договорились.

I remitted the transferred 1000 XEM to the refund pool address.

http://chain.nem.ninja/#/multisig/aa7eb2ccc7dcd06ac5145bf87fc6058e12aca3fba6d62c02d4cb049fed9c0b57

Thanks

1 Like

There are multiple possibilities:
a) he is feeling threatened and fights back - trying to create false “evidence” and implicate/frame others by sending them transactions, which pretend to be payment for some kind of services; pitty, what is on the blockchain can not be reversed - we have his first changelly withdraval no matter what he does now; welcome to the pseudonymity topic!
b) he is creating chaos just to waste our time, so we can not “steal” more of “his” money (from purely secured brainwallets)
c) he is having fun and is really enjoying it (this is most likely)

There is something obvious also: He is carefully monitoring this forum. (Hello M2XU, how are you? Are you sleeping well?)

I would consider those 1000 XEM he sent as a success. @mizunashi, please continue doing a great job!

1 Like

To: Black hat hacker.
Please send me all the better.
We will deal to the victims.

thanks

1 Like

We made a refund for the hacked account.
The URL of the topic for which refund was done is as follows.
This is paid from funds sent by hackers.

thanks

with so many issues, shouldnt the brain wallet be removed altogether?

also quick question, does a ‘purge’ completely remove risk of wallet being hacked?

1 Like

I want to eliminate it.
However, in order to realize that, we must obtain consent from the community.

Originally, this function was prepared at the request of the community.

thanks

I’m for removing this option from the Nano Wallet as it creates a lot of problem for newbie people.
We could open a poll about this issue so that community can vote.

I don’t see a reason to remove the brainwallet option.
The brainwallet has been made a lot more user friendly then it was previously.
People still using older wallet versions don’t get the fix, but that is a different issue. One that won’t be fixed by removing the brainwallet.

New wallet enforces very strong brainwallets. Have we a case brute forced brain wallet with 40 or even 20+ characters password?

【Current status report】

The latest implementation of NanoWallet has become a very powerful blain wallet implementation. (However, it is not absolute.)

However, to the extent I know, there is a group that makes another wallet from the source of NanoWallet. Both offer unique tokens using NEM’s system.
It is DIMCOIN and GCCH COIN CLASSIC.

DIMCOIN has become as strict as 40 characters, only the length of the character.
However, I have found a problem that security is not raised at all in this way.
We asked DimCoin side again to warn us about the details.

DIMCOIN users previously used 15 characters, currently 40 characters.
When I typed in the 40 letters that came into my mind at the test, I finally broke through 40 characters of Brain Wallet. Moreover, I found it in 1 minute without using a computer)
The act of increasing the number of characters is proof that it is very dangerous.

About GCCH COIN CLASSIC, it is a NanoWallet as it is, so there are considerable problems.

In recent verification,
Any user : DIMCOIN user : GCCH user = 2 : 5 : 7
About, users who use brain wallet and weak password are found.

Additional notes:
Weak brain wallet users include many main net Faucet users.

Hello, my coins were withdrawn from the purse and sent such a message.The password you are using for your Brain Wallet is weak. It is publicly available on Internet (GitHub) and already used for dictionary attacks. To protect your funds, we transfered it to a safe account. To retreive your funds, a) Prepare new simple wallet b) Prepare a screenshot of the account screen in your NanoWallet. If a certain amount is exceeded, more detailed identification may be requested (one or more of SMS, id scan, selfie holding your id, skype call) c) Post a message in the forum https://forum.nem.io/t/8147/
a) I prepared a new simple wallet
b) I have a screenshot of my NanoWallet account
Please return my coins to my new wallet.
Where can I send the address of the new wallet and the screenshot?

Thank you for contacting us.
We will send you a private message from here.
Please wait for a while.

@01Irma

We conducted personal authentication.
I could confirm that you are a valid address owner.
Thank you for your cooperation.

Custody transaction:
http://chain.nem.ninja/#/transfer/8c6cddb95f928d3b77d7850a42d34845b23e830145aeb93275c1ff476c5abd6a

Refund transaction:
http://chain.nem.ninja/#/transfer/0a34885a0cea98c1a0aa9ddb2ee547d0ca2650317ddd639d05612feb9ff345e1

With this, refund completion will be done.

thanks

Good evening! @mexxer has sent me to you, my funds have been locked! I can see why. I created a new simple wallet! Now did as you recommended, everything as it should, now I ask to transfer my xem my new wallet. What to do next? This is the address of the old wallet NDZRV3-AUSHLW-Q54C3Y-CLD5VD-AK72FP-OGVXJ3-PO3Q

@Sasha_Smirnov
Thank you for contacting us.
From now on, we will transfer funds from old address to newly created NEM address.
Before that, I’d like you to do personal verification, so I will send you a private message from me.
Please wait for a while.

@Sasha_Smirnov
I performed personal authentication and confirmed that I am the principal.
The refund transaction is as follows.

http://chain.nem.ninja/#/multisig/cc74aa500de8b2f9b05706ffc332063835bbf4e60e47bdf9cbdede9d6036194e
http://chain.nem.ninja/#/multisig/c460949f47a23c38c2fa03ff51a68b827ee10746303b91b31df1015472e28c88

Good morning! @mexxer has sent me to you, my funds have been locked! I can see why. I created a new simple wallet! Now did as you recommended, everything as it should, now I ask to transfer my xem my new wallet. What to do next? This is the address of the old wallet NAC2OR-JXBOKK-SSS4GV-5IIRFU-VXWNZC-COPSCY-KBPL

@olikart

Please tell me the address of the newly created simple wallet.

And from now on I will send you a private message in order to do personal authentication.