This means the account was compromised and a vesting route to his account was set up. Basically anytime the account powers down, it is sent to the account set as the vesting route. It is common for this to happen when an account is taken over. They immediately set up a full power down with all stake going to their account. Even if the victim gets their account back and changes the keys, they may not know about the vesting route sending their funds to another party. In fact, they may cancel the power down and then years later power down only to have the vesting route still set to the hacker.
So, there is no way to mitigate the hack? Even if the power down is stopped and the keys were changed?
You just reset your vesting route when you retain control of your account.
And how am I going to reset the vesting route?
Vessel is the easiest way. I don't think front ends have exposed an interface to see or change vesting routes. I know @peakd added support to see it in account history, but only if it changes. I got Friday to add it to notifications.
Thank you, I didn't know about the route until we had this conversation.
I think that's true for a lot of people. It's not a well-known feature and easy to overlook after recovering your account.
Sorry to disturb you, but I saw this on hiveblocks. This is one of the accounts that was compromised. Does the value "Withdraw routes 1" mean that someone has changed the route? In this case, sepa666?
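An added example, not part of the thread: a post-recovery check that lists an account's outgoing withdraw routes and builds the operations that clear any route pointing at an account the owner does not recognise. It assumes the standard `condenser_api.get_withdraw_routes` call and `set_withdraw_vesting_route` operation; the account names and the sample response are constructed.

```python
import json

# Constructed sample of what condenser_api.get_withdraw_routes returns
# (percent is in basis points: 10000 = 100% of each power-down payment).
SAMPLE_ROUTES = [
    {"from_account": "victim-example", "to_account": "attacker-example",
     "percent": 9000, "auto_vest": False},
    {"from_account": "victim-example", "to_account": "savings-example",
     "percent": 1000, "auto_vest": True},
]

def routes_request(account, request_id=1):
    """JSON-RPC body asking an API node for the account's outgoing routes."""
    return {"jsonrpc": "2.0", "method": "condenser_api.get_withdraw_routes",
            "params": [account, "outgoing"], "id": request_id}

def audit_routes(account, routes, trusted=()):
    """Return routes that send this account's power-down to an untrusted account."""
    findings = []
    for r in routes:
        if r["from_account"] != account:
            continue  # ignore incoming routes or unrelated rows
        if r["to_account"] == account or r["to_account"] in trusted:
            continue  # destinations the owner has confirmed
        findings.append({"to_account": r["to_account"],
                         "percent": r["percent"] / 100.0,
                         "auto_vest": r["auto_vest"]})
    return findings

def removal_ops(account, findings):
    """Operations that delete each flagged route (percent 0 removes a route).
    They still have to be signed with the active key and broadcast by a wallet."""
    return [["set_withdraw_vesting_route",
             {"from_account": account, "to_account": f["to_account"],
              "percent": 0, "auto_vest": False}] for f in findings]

if __name__ == "__main__":
    acct = "victim-example"
    print(json.dumps(routes_request(acct)))
    flagged = audit_routes(acct, SAMPLE_ROUTES, trusted=("savings-example",))
    for f in flagged:
        print(f"{f['percent']:.0f}% of each power-down goes to {f['to_account']}")
    print(json.dumps(removal_ops(acct, flagged), indent=2))
```

Changing keys and cancelling the power down do not touch these routes, so the check is worth repeating before any later power down.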