You are viewing a single comment's thread:
RE: A scammer has stolen our PEPT account
Simply having the pept.json file compromised on google docs would not be enough to gain access to the funds since the keys in the keychain file are encrypted. Therefore an attacker would also need to know the master password, however, if the master password was weak or the computer is compromised by a keylogger, the attacker could obtain both the file and the password, leading to a complete compromise of the account.
Another possibility is that an attacker got the encrypted keys on google docs, and then brute forced the master. Sounds a little bit far fetched, but depending on the length of the master password I suppose it could be possible.
Or a more likely possibility is that someone broke into your house, got onto your computer and did the transfers, maybe a stalker or someone you know or might have seen you on hive?
For the record, I didn't store keys inside a Google doc.
I found a backup txt file and the keychain kc file on my Google drive.
Out of curiosity, when credentials are exchanged between keychain app, or any apps, and a user, is there some server session cookies at play? If so, could a server session cookie be highjacked?
View more