[Action required] Security attack on Reviewhunt.com by steemhunt

View this thread on: hive.blog | peakd.com | ecency.com

reviewhunt · @steemhunt · Jan 25 '20

$2.59

[Action required] Security attack on Reviewhunt.com

Today, we noticed that there were security attacks on Reviewhunt website. We received a report at 12:49 am (KST) when a user discovered that his/her HUNT tokens were transferred without their knowledge. After receiving this message, we ran an investigation and found a server log that shows login attempts by an automated script using login pairs leaked from another website.

Based on our investigation, it appears that this security attack was carried out in the following ways:

1. The hacker may have attained thousands of email addresses and passwords from other websites.
2. The hacker ran an automated script that attempts to login to Reviewhunt by using the email-password pairs from the hacked websites.
3. Most of the email addresses that they attempted were not Reviewhunt accounts, but a few of the users’ account information matched. So far, we have received 4 reports from our Reviewhunt users that said their account has been accessed by the hacker and a total of 51,125 HUNT tokens were transferred (we presume that their login information was the same as the leaked information from the hacked websites).

As soon as we found out about the security attack, we halted all the withdrawal requests in order to prevent the hacker attempting more log-ins to our website with the email-password pairs leaked from outside sources. If the hacker tries after we have halted the transfer system, the withdrawal transaction becomes a “pending” status.

If you find any pending withdrawal transaction that is not attempted by you, please contact us via the #hunt-token channel on our [Discord group](https://discord.gg/mWXpgks). We will stop (rollback) the transaction. Unfortunately, we have no way to help you if the transaction has already been processed (it means that the hacker had already transferred tokens by using the login information leaked from an outside source before we halted the transfer system).

**We will keep maintaining this withdrawal suspension for all Reviewhunt users until January 28th (Tue), 2020, 6 pm KST just in case of rollback requests from pending transactions.** We will approve the transfer requests altogether after the time.

As we [informed earlier](https://steemit.com/steemhunt/@steemhunt/all-new-reviewhunt-set-to-launch-simpler-but-greater), Reviewhunt will be relaunched on January 29th, 2020 with the new Blockstack authentication. All the user records will be reset and you need to join Reviewhunt again via the Blockstack system. Also, we strongly recommend that you use different password information on each website to prevent security breaches from other websites.

👍 smartsteem, therealwolf, tombstone, whatageek, tabris, springflower, armdown, wisdomandjustice, p-translation, mychoco, espoem, roseofmylife, jcbit, steembasicincome, malkoo45, smartmarket, dwiitavita, cryptocurator, eastmael, epicdice, minerthreat, steemjetmedia, phabulu, otemzi, avocadoxy, newageinv, dudream, khoon, steemhunt.pay, tsnaks, steemindian, cardboard, heyhaveyamet, jirkamarek, kyuubi, dakeshi, vannfrik, folken, priyanarc, byd, steemdapps, crypt0renegade, sarasate, dexter-k, steemtank, spreadfire1, lordjames, steemhunt.fund, backdm, sagarthukral, cultus-forex, nedy, alikoc07, yestermorrow, mcyusuf, hannesl, aaronkroeblinger, idas4you, andresurrego, idiosyncratic1, alexandersteemit, spiritualmax, robi, r3ap3r, and 87 others
👎 gristel

`author`	steemhunt
`permlink`	action-required-security-attack-on-reviewhunt-com
`category`	reviewhunt
`json_metadata`	{"tags":["reviewhunt","update","hunt-token"],"links":["https://discord.gg/mWXpgks","https://steemit.com/steemhunt/@steemhunt/all-new-reviewhunt-set-to-launch-simpler-but-greater"],"app":"steemit/0.1","format":"markdown"}
`created`	2020-01-25 21:46:03
`last_update`	2020-01-25 21:46:03
`depth`	0
`children`	7
`last_payout`	2020-02-01 21:46:03
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	1.548 HBD
`curator_payout_value`	1.045 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	2,621
`author_reputation`	328,252,698,785,439
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,765,934
`net_rshares`	12,307,461,657,297
`author_curate_reward`	""

properties (23)vote details (152)

voter	rshares	pct
tombstone	1,324,051,184,152	4.5%
boombastic	1,694,459,826	15%
pairmike	81,365,311	15%
tshering-tamang	1,083,750,015	100%
gammagooblin	4,684,013,020	15%
jsantana	2,493,565,370	30%
shadowspub	3,903,358,333	3.75%
dexter-k	14,844,251,977	7.5%
arama	343,711,285	100%
rouer66	1,256,987,957	25%
whatageek	689,656,299,588	80%
cardboard	27,213,194,416	100%
shafay	2,993,744,623	15%
ogochukwu	187,122,639	100%
azzurra92	2,429,242,488	15%
sarasate	15,188,906,127	15%
tyzzzz	70,142,383	15%
vannfrik	17,147,983,908	12%
cryptocurator	64,917,668,370	14%
robi	6,405,809,164	15%
byd	16,136,677,324	100%
stylegold	1,070,857,053	100%
idas4you	7,198,788,257	15%
techken	164,580,603	1.5%
wesphilbin	905,617,409	2.5%
insteem	2,620,997,507	15%
lupo	3,995,028,681	15%
khoon	33,466,452,429	100%
jpederson96	2,161,476,089	75%
tabris	598,882,328,982	100%
r3ap3r	6,300,403,643	15%
podnikatel	820,933,773	1.5%
sunisa	4,091,451,497	10.5%
dakeshi	18,258,001,510	50%
eastmael	64,169,236,293	100%
therealwolf	1,918,732,351,810	15%
iliasdiamantis	6,295,905,865	25%
espoem	232,596,220,022	100%
hannesl	7,968,692,891	15%
backtomining	4,734,534,539	6%
otemzi	48,070,531,592	100%
malkoo45	104,303,763,761	100%
sagarthukral	10,166,472,084	15%
smartsteem	3,374,993,267,163	15%
chintya	1,519,173,610	50%
diana1	918,566,561	100%
bebeomega	89,767,471	15%
mcyusuf	8,012,685,477	100%
steembasicincome	109,446,748,369	1.84%
rombtc	990,298,740	7.5%
zipsardinia	3,523,836,842	15%
phabulu	48,932,732,464	100%
dudream	35,512,789,080	100%
backdm	10,237,458,271	50%
spiritualmax	6,530,950,909	15%
smartmarket	67,183,750,216	15%
errajesh	3,175,295,876	15%
newageinv	36,578,454,854	5%
folken	17,091,675,442	100%
hadex	714,851,259	100%
josalarcon2	5,104,801,376	100%
nedy	9,573,977,034	15%
raise-me-up	0	0.01%
alexandersteemit	6,605,793,570	15%
layra	4,999,601,657	15%
sibeut	593,771,407	100%
oadissin	742,985,969	1.84%
lordjames	11,495,820,774	7.5%
kyuubi	18,506,823,548	15%
kargul09	5,291,413,869	100%
spe3dy123	116,770,890	15%
armdown	549,782,645,716	100%
chuuuckie	2,909,507,483	3%
aduwahsp	435,867,534	75%
tsnaks	30,093,278,028	100%
feedmytwi	2,832,274,673	55%
wisdomandjustice	464,013,267,555	15%
avocadoxy	44,607,711,615	100%
spreadfire1	12,626,234,155	15%
minerthreat	52,551,722,562	15%
aro.steem	467,280,400	3%
sapper11g	5,052,055,352	15%
stay4true	179,070,809	15%
luminaryhmo	853,262,170	100%
sky.nikolas20	2,425,219,470	15%
the.rocket.panda	333,098,720	100%
dwiitavita	67,047,741,376	100%
agathusia	698,803,746	100%
profitcheck	4,588,924,622	100%
steemhunt.fund	11,113,791,591	100%
steemhunt.pay	31,056,547,013	100%
mrnightmare89	571,662,322	1.5%
jirkamarek	20,226,628,886	50%
xmrking	5,173,820,641	15%
sanmibreve	543,131,798	100%
calprut	2,910,892,247	50%
somog007	539,445,382	100%
yestermorrow	8,730,931,137	31%
jcbit	170,911,070,018	15%
volare511	1,364,655,327	100%
larixon	542,031,629	100%
alikoc07	9,494,782,436	100%
mops2e	1,245,577,677	80%
sunit	2,167,748,893	50%
drfk	2,440,733,951	7.5%
right.like	725,785,226	100%
alexhomeworld	171,729,137	100%
cultus-forex	9,587,937,314	9%
steemjetmedia	50,392,997,310	15%
allonepower	547,849,451	100%
priyanarc	17,074,000,802	12%
colecornell	5,164,794,310	15%
rahularyan	586,058,547	100%
xcountytravelers	2,674,519,140	6.25%
english-ant	555,822,694	100%
crypt0renegade	15,807,834,432	15%
steemcracker	540,032,153	100%
dfen	1,467,734,804	100%
knaveen	16,228,291	100%
steemegg	5,292,360,073	15%
steemtank	13,731,296,952	15%
steemehq	24,455,619	25%
wolfinator	3,832,686,897	15%
greelos	555,105,830	100%
idiosyncratic1	6,912,335,873	100%
tipu.curator	336,717,766	50%
andresurrego	7,062,974,483	15%
elizabethharvey	2,897,973,581	15%
heyhaveyamet	27,033,273,998	25%
steemdapps	16,120,963,284	15%
bewithbreath	2,061,552,644	0.92%
hungryharish	6,024,633,083	100%
kharma.scribbles	92,156,802	2.81%
aaronkroeblinger	7,640,453,710	15%
hungryanu	2,221,226,275	50%
epicdice	62,869,249,370	4.5%
dumbanddumber	546,894,767	100%
canercanbolat	542,343,612	100%
simplyawesome	542,768,230	100%
oxoskva	631,570,893	100%
steemindian	28,362,935,095	100%
careto	693,806,119	100%
hyborian-strain	1,688,885,795	30%
lass3	1,751,275,105	15%
cryptosearch	1,316,060,982	100%
roseofmylife	209,137,835,298	15%
springflower	587,144,536,137	15%
mychoco	268,345,403,289	15%
gristel	-9,166,314	-10%
starworld	1,192,062,188	100%
p-translation	362,321,371,227	15%
bayron	456,790,825	100%

@aamirijaz · Jan 26 '20

There must be an extra security layer implemented which asks for a verification email  or a Google authentication code upon withdrawal.

properties (22)

`author`	aamirijaz
`permlink`	q4p3k0
`category`	reviewhunt
`json_metadata`	{"app":"steemit/0.1"}
`created`	2020-01-26 03:40:48
`last_update`	2020-01-26 03:40:48
`depth`	1
`children`	3
`last_payout`	2020-02-02 03:40:48
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	135
`author_reputation`	112,726,048,778,758
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,771,716
`net_rshares`	0

@gentleshaid · Jan 26 '20

I was going to say this

Posted using [Partiko Android](https://partiko.app/referral/gentleshaid)

👍 penghuren

`author`	gentleshaid
`permlink`	gentleshaid-re-aamirijaz-q4p3k0-20200126t065845261z
`category`	reviewhunt
`json_metadata`	{"app":"partiko","client":"android"}
`created`	2020-01-26 06:58:45
`last_update`	2020-01-26 06:58:45
`depth`	2
`children`	0
`last_payout`	2020-02-02 06:58:45
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	97
`author_reputation`	399,453,372,708,549
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,774,957
`net_rshares`	7,434,377,984
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
penghuren	0 B		7,434,377,984	100%

@tabris · Jan 27 '20

$0.02

We're going to use Blockstack authentication on the new version of Reviewhunt, which requires full seed phrase to login and I guess this can be much safer than Email/Password authentication.

We'll definitely do 2-factor auth too on our wallet in the future.

👍 aamirijaz

`author`	tabris
`permlink`	q4s0ke
`category`	reviewhunt
`json_metadata`	{"app":"steemit/0.1"}
`created`	2020-01-27 17:29:03
`last_update`	2020-01-27 17:29:03
`depth`	2
`children`	1
`last_payout`	2020-02-03 17:29:03
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.011 HBD
`curator_payout_value`	0.011 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	258
`author_reputation`	13,487,538,505,917
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,825,273
`net_rshares`	141,019,990,784
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
aamirijaz	0 B		141,019,990,784	100%

@aamirijaz · Jan 27 '20

That souds cool. Thanks for the reply.

properties (22)

`author`	aamirijaz
`permlink`	q4s38v
`category`	reviewhunt
`json_metadata`	{"app":"steemit/0.1"}
`created`	2020-01-27 18:26:57
`last_update`	2020-01-27 18:26:57
`depth`	3
`children`	0
`last_payout`	2020-02-03 18:26:57
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	38
`author_reputation`	112,726,048,778,758
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,826,532
`net_rshares`	0

@gentleshaid · Jan 26 '20

Kudos for swiftly responding before things got worse. I just checked my wallet and everything seems fine.

Posted using [Partiko Android](https://partiko.app/referral/gentleshaid)

👍 penghuren

`author`	gentleshaid
`permlink`	gentleshaid-re-steemhunt-action-required-security-attack-on-reviewhunt-com-20200126t065952121z
`category`	reviewhunt
`json_metadata`	{"app":"partiko","client":"android"}
`created`	2020-01-26 06:59:51
`last_update`	2020-01-26 06:59:51
`depth`	1
`children`	0
`last_payout`	2020-02-02 06:59:51
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	179
`author_reputation`	399,453,372,708,549
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,774,986
`net_rshares`	7,287,408,259
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
penghuren	0 B		7,287,408,259	100%

@starworld · Jan 25 '20

"The hacker ran an automated script that attempts to login to Reviewhunt by using the email-password pairs from the hacked websites."

This is a good reason for websites to use  two-factor authentication (2FA).

👎 block-power

`author`	starworld
`permlink`	q4onfo
`category`	reviewhunt
`json_metadata`	{"app":"steemit/0.1"}
`created`	2020-01-25 21:52:39
`last_update`	2020-01-25 21:52:39
`depth`	1
`children`	0
`last_payout`	2020-02-01 21:52:39
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	210
`author_reputation`	-1,006,677,432,864
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,766,093
`net_rshares`	-162,802,663,323
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
block-power	0 B		-162,802,663,323	-100%

@tts · Jan 25 '20

To listen to the audio version of this article click on the play image.
[![](https://s18.postimg.org/51o0kpijd/play200x46.png)](http://ec2-52-72-169-104.compute-1.amazonaws.com/steemhunt__action-required-security-attack-on-reviewhunt-com.mp3)
Brought to you by [@tts](https://steemit.com/tts/@tts/introduction). If you find it useful please consider upvoting this reply.

👎 spaminator, mack-bot, steemcleaner

`author`	tts
`permlink`	re-action-required-security-attack-on-reviewhunt-com-20200125t220114
`category`	reviewhunt
`json_metadata`	""
`created`	2020-01-25 22:01:15
`last_update`	2020-01-25 22:01:15
`depth`	1
`children`	0
`last_payout`	2020-02-01 22:01:15
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	370
`author_reputation`	-4,535,154,553,995
`root_title`	"[Action required] Security attack on Reviewhunt.com"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	94,766,299
`net_rshares`	-106,268,236,782
`author_curate_reward`	""

properties (23)vote details (3)

voter	rshares	pct
steemcleaner	-21,739,191	-0.08%
spaminator	-54,187,669,355	-0.05%
mack-bot	-52,058,828,236	-0.5%