Hacked on Web2, Rescued by Web3: A True Story

in Hive Learners4 months ago (edited)

image1.png

Hey Hivers! Every day we receive a lot of DMs, and some of them are quite strange. I decided to share today's story with you because I believe it will help you reclaim your identity if you ever get hacked and show you how to verify if you are not talking to the hacker. Of course, each hack is different in nature, and one size can't fit all, but I still believe this information will be useful for someone someday.

Recently, our fellow Hiver kenechukwu97 got hacked on Discord and Twitter. I initially assumed the hacker was a bot dropping texts in DMs, but this time it wasn't a bot. A person sending messages to your online friends is scary because those text messages could be manipulative. Although it involved suspicious messages like all hacked accounts send, let me show you some messages from the hacked accounts on Discord and Twitter.

image2.png


image3.png

How is it related to me? 'kenechukwu97' contacted me with the different discord account 'kene_valentine'. The request was:

Hello, I'm on Hive as kenechukwu97.

My Discord account was hacked and the account is still in HIVE LEARNERS Discord server.

Please ban it when you see this.

The first thought that came into my mind was what if the account contacting me is just someone who is anger at 'kenechukwu97' and wants him to get banned in discord servers. The hacker also changed 'About me' as he was aware of this other Discord account too.

image.png

I asked if he can send me 0.001 hive with the memo to claim his identity. Why I did that? Because I hold responsible for my actions even if I am helping someone. What if I end up helping a harmful person instead? Anyway, this is the memo he sent me.

image.png

http://hive.ausbit.dev/tx/8824c181a3ae91ce62dd6ce8de84f3ad40402207

This was enough for me to know who currently owns his onchain account. But he still posted on Ecency Waves too.

image.png

https://ecency.com/waves/@ecency.waves/waves-2024-07-23#@kenechukwu97/wave-2024724t113452780z

I also asked for and collected proof that this hacked account is sending scam messages. The above two screenshots (in start of blog) I added from Discord and Twitter further cleared my doubts.

I reported this to the mods and got the hacked Discord account banned in HiveLearners. But why stop there? I checked all mutual servers where this hacked account was a member and reported this imposter. It was necessary because this account had stolen an identity that people still trust, and it was being used to send scammy messages. What if more victims fell into the trap, seeing mutual friends and servers?

As always, thekittygirl was the fastest to ban the account from the Hive server. She always responds to my queries quickly. She also mentioned that she was aware of this case and that the real 'kenechukwu97' was trying to get the hacked Discord account disabled by Discord.

Then Ecency also banned the account from their Discord. At this point, these steps were taken to minimize the damage the hacker could do by stealing the identity.

Why does sharing this matter? I personally believe that by reading this, you might understand a new type of scam because we had two identities here claiming to be real. Don't worry, the mystery is solved. He can video call to prove further, but of course, his real face and voice is known by only a few.

Once again, Hive has succeeded where Discord and Twitter have fallen short.

Join Binance through THIS LINK for 10% off trading fees! Let's save together!

Sort:  
 4 months ago (edited) 

Thanks for the role you played in passing the word around. The community have done their fair share to make sure no one got burnt in this.

I wil still be in crisis management mode until the account gets banned by discord.

Take your time. :)

See in PYPT (PIMP YOUR POST THURSDAY)

 4 months ago (edited) 

There is a forensic intelligence tool that is used to help in cases like the one you mention, and it is MALTEGO, using it you can locate all the social networks on the entire internet of that person. Is hacker stuff, you can easily install it on linux or using power shell on windows.

The good part is that you managed to take measures in time and stop all the damage and its consequences.

It is important to always take action. Usually if these offers are too good to be true (no one is going to pay $18 an hour, that's a fantasy, let alone for that type of work) then they won't be. It's what the rule says, and it has always remained that way.

Thanks for sharing more information on this topic. I noticed that the tool you mentioned is a paid service. Previously, the account was used by a real person, and I wonder how this will affect the results.

Now, I'd like to suggest something. You could try using the WireShark tool. I learned about this in university. It can be tricky and sometimes generates false positives, but tracking location during a 1v1 call is possible. I rarely use it and am not proficient, but it does exist.

 4 months ago  

Wireshark requires field work, that is, you have to be in the surroundings of the target networks to have greater precision in the intersection of packets, and that requires other more technical measures and other procedures that involve other types of illegal activities (such as hiding, surveillance techniques, disguises, etc).

Puedo decirte que en repetidas ocasiones me toco hacer pruebas para una empresa privada,que requeria un analisis de sus comunicaciones, y me toco desplazarme a las distintas franquicias de la empresa para realizar el pen testing usando wireshark, logrando detectar de esta forma (solo estando en la franquicia especifica donde se originaron los paquetes) el saber su origen. Como referencia el proceso llevo 6 meses, en cada caso es diferente siempre.

Maltego is paid, currently the free tools that exist do not provide access to the deep layers of information that are required to have the data that clients really need (access to photos, emails and social media), that is the difference.

It's not illegal if the university is teaching students in a controlled environment. Thanks for the additional information.

 4 months ago  

A "controlled environment" does not simulate the real conditions that will be faced in a real event. It never will. The random factor is present, and for example it is not the same to go against the clock knowing, for example, that other hackers are trying to obtain the same information as you, while the network administrators or the police are after you.

In a controlled environment you do not learn to develop your skills, and even worse, it does not prepare you to face reality, which is very different from what they propose in the movies.

kind off true

 4 months ago  

There is no doubt that Hive, in this case, stayed superior.
It is wise of you to go for further verification through memo so the wrong perdon is not supported.
Kene's efforts for spreading the word are also well appreciated.
Hacker chose an account that was trustworthy and connected to many people.

Memo wasn't the only thing I investigated. I knew even you had a hard time trusting the new account. Knowing that Amber had difficulty building trust (you didn't mention it to me) speaks volumes about how thorough my investigation was.

 4 months ago  

Kudos to you for the investigation

 4 months ago  

I am really happy that you secured the situation. And really web 3 is amazing.

YEEEEPPPPPPPPPEEEEEEE

 4 months ago  

Your role in this no doubt showcased the superiority of hive. Telling him to send 0.001 hive was a smart move @dlmmqb . Bravo for rescuing a fellow Hiver.

Just to clarify, memo wasn't the only thing in the process. It was one of the first things I did.

 3 months ago  

I already knew that you had to more than just write a memo to eventually rescue him. It was a smart move all the way 👏

 4 months ago  

Glad you were able to help him resolve the issue. Web3 really saved the day

Web3 is THE WAY!

Great actions there!
!hiqvote

Thanks pal!

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share more than 100 % of the curation rewards with the delegators in the form of IUC tokens. HP delegators and IUC token holders also get upto 20% additional vote weight.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

image.png

100% of the rewards from this comment goes to the curator for their manual curation efforts. Please encourage the curator @bhattg by upvoting this comment and support the community by voting the posts made by @indiaunited.

Thanks for your support!

Thanks!

@caspermoeller89, the HiQ Smart Bot has recognized your request (1/3) and will start the voting trail.

In addition, @dlmmqb gets !LOL from @hiq.redaktion.

For further questions, check out https://hiq-hive.com or join our Discord. And don't forget to vote HiQs fucking Witness! 😻

Did you hear about the farmer that fed his chickens avocados?
All you could hear around there was “guac, guac, guac, guac.”

Credit: reddit
@dlmmqb, I sent you an $LOLZ on behalf of hiq.smartbot

(5/8)

PLAY & EARN $DOOM

I'm glad you were ablt to solve the situation. People can do all sorts of things oo, I really didn't know that one can be scammed through Hive.

I just learnt something today. Thanks for sharing.

scammed through Hive

Sorry, I don't understand what you mean. No, he wasn't scammed through Hive. Could you please elaborate more?

Sorry to confuse you. You said his discord account was hacked right?

Yes, his Discord and Twitter were hacked, but he wasn't scammed through Hive. The hacker stole his identity and was pretending to be him. Hive helped to identify the real person. I'm trying to break it down for you in simple terms.

Oh! Okay.
Now I get. Thanks for the clarification.

Loading...