A few days ago, I logged on in the morning, as I often do, and as I used HiveKeychain to connect, I received a strange notification telling me my keys were not valid anymore - at least on the keychain (so far).
Welp, I thought it was strange and wonder what it could be, but so far, no worries in mind.
Then as I landed on my wallet page, I realized that 1) all my hives were gone, 2) a power-down had been initiated and 3) my savings was being emptied to another account.
I quickly did some research, and looked for my Trustee/recovery account, which in my case was a friend and not an automated service. He directed me towards @hivewatchers and their Discord, who also directed me towards @arcange and their Discord.
From there, I was directed towards 2 services :
Now, I have recovered my account, stopped the power down and the saving's transfer, but I've lost a fair amount of hive/liquid hive to that hacker.
They will then add your account name (that you wish to recover), the New Public Owner Key that you have sent them (and not the PASSWORD that you have kept safe somewhere), and their own account name (Trustee Account). They do not need to enter their active private key, Hive Keychain will take care of that step.
Once they have send the recovery request, you, as the account you want to recover, will have 24 hours to proceed to step 3 of the first page (the Recover Account page) and accept the recovery request :
Enter your account name again, the PASSWORD that you have kept safe somewhere, and then your previous PASSWORD that you (also) have kept safe and sound somewhere ; in the case your account has been hacked and your keys changed, your previous password (recent) will still be considered a "valid recent password" for the following 30 days, if I'm remembering correctly
Once this is done, click recover account, and bim bam boom Bob's your uncle, and the new Password you have generated in step 1 is now your new master password. If you want to change your keys, and you need to see them, you can see the rest of your keys with a tool such as this key generator, by simply entering your master PASSWORD and checking the rest of the keys associated with it - save them somewhere safe.
It's possible that if you've been hacked, the hacker has changed the vesting route to another account to take possession of the power down. I saw that while looking in my "recent transactions" from my wallet, but had no idea what it meant.
Here's a good article about what they are and how to change them, that was given to me by @mein-senf-dazu who has been a big help in the process. I won't describe and write down the process, as this article does it very clearly and simply.
Excellent!
We are very happy that you have recovered your account :-)
@arcange @reazuliqbal
Hi, i was searching about hive security and came across with your post. So sorry that this happened and i would like to understand more about what happened.
Do you think you exposed your keys in phishing website or you got hacked?
You had your keys on mobile and pc as text?
Asking cause looks like this guy is searching targets across hive.
Quick investigation found this:
Maybe you can try to see who this memo belongs to.
Sent to bdhivesteem-54.070 HIVE
Aug 29, 2023
100036993
Withdraw from vesting54.070 HIVE
Aug 27, 2023
Sent to deepcrypto8-54.038 HIVE
Aug 22, 2023
100276706
Withdraw from vesting54.038 HIVE
Aug 20, 2023
Sent to deepcrypto8-54.007 HIVE
Aug 15, 2023
100276706
Withdraw from vesting54.007 HIVE
Aug 13, 2023
Sent to sepa666-53.982 HIVE
Aug 9, 2023
Also, do you have the vesting routes article to share?!
I put a link to it in my post ! :-)
View more
Glad to read you were able to recover your account @julesquirin