Check out what Hiya says
https://twitter.com/hiya1024/status/1632423168307777536
Due to the recent incident of stealing XCH, many friends are concerned about how to keep their assets safe. Here I would like to recommend you to use Pawket to create an air-gapped (offline) wallet.
Here is the tutorial:
Hello to all,
I read all posts and I still have no idea about my personal security.
No announcement has been released by the Chia developers.
Also, my personal opinion is that cold wallets are also not secure because they can be synced.
Unfortunately, I will be selling all the Chia in my hand soon.
I'm in a panic of being ignorant.
Cold wallets are really not affected by this issue as long as they are really cold. Many confuse a warm wallet with a cold one, tho ...
This really isn't a "Chia developer" issue. The few folks impacted aren't exactly providing detailed reports of their activity leading up to their hack and there's a lot of misinformation floating around - like claims that 10% of farmers are impacted... my analysis shows just 22 farmers with more than 5 XCH stolen.
Unconfirmed theories that have been mentioned:
- SweetChia OG pool users
- ChiaYY OG pool users
- Fastchia plotting manager
If you have a true Cold Wallet,
Which is a wallet created on a fresh device never connected to the internet after being refreshed (HD formatted and OS reinstalled), and never connected to the internet afterwards! Plus, your seed phrase that was written down has never been seen by anyone else.
Then you are perfectly safe.
So, maybe it's just some marketing gag after all?
Thanks for your time digging that information. Even with a margin of error, that 22 affected farmers with over 5 XCH lost is the most helpful piece of info here. At least for me.
I also think confusion happens because
- human communication is hard (Wiio's laws)
- many of us use English as second or third language
- saying "you made a mistake" or "it is your fault" will be taken the wrong way (who here has worked with a team from China?)
A friend of mine got 6.5XCH stolen yesterday, and it was at this hacker address.
There are still many people affected. In the Chinese community, I have directly heard more than a dozen cases.
Here is my friend's address: xch126ga22nh0ggz8w6twxmu93nmauwdknclj4kt5mtawv0fyt3jap4shstkt2
A new piece of information I got here is that a large number of people who have used YYpool (Chiayy.com) have been stolen from.
Still don't know why.
If you consider it a marketing gimmick, then what is the benefit? Personally, I have a lot of coins and an NFT project and a farm and I would absolutely not want anything to happen to the Chia blockchain. On the other hand, I want to warn those who are in danger. Is the Chia forum only for good news?
29 coins were stolen from my friend. He assures that only the borrowed coins were stolen from a cold wallet created on a virtual PC with the Ubuntu system. Of course, I think that he compromised his phrase, but I share his concerns.
I farmed Flax, Chives and tried to farm HDDCoin. I can tell Flax and Chives are fine as no impact to my farm
Here's what I found interesting
Are all the people losing Chia to a thief running windows? And do they have One Drive active on those computers?
Does anyone know what happened to the attacker's wallet? I see that he was banned!
That's just a label I added to the interface, it doesn't prevent the attacker from doing anything unfortunately.
The best course of action now is urging everyone who isn't 100% confident about the security of their setup to move their funds to a fresh wallet generated on a separate machine.
The day I was hacked, I've opened "PlotManager.exe" (madMax0.1.5) too, for re-plotting some files from error log.
Did we open the plotting program and get hacked?
Maybe the same label should be added to all outgoing addresses that one is using?
My coins are gone too and I use "PlotManager.exe" the same way but I've been using it for about 2 years now! And now there is an attack
This attack is a bit off the mark...
The information the plotting program needs is the farmer's public key and the address of the pool contract. Is this information enough for an attack? Let the experts speak...