Record the #dugu hacking incident and my analysis

and these are exactly the reasons why people can get their chia coins stolen because they use totally unnecessary 3 party tools that don’t offer any real new features, because all this can be achieved with the “official” software of chia.

the same if you think you have a cold wallet only because you use it only once every 3 months…

if so many are affected (over 400, which i don’t believe) then it should be easy to find out how the wallet was compromised.

and please don’t get me wrong i’m really sorry that it happened to the people, but somehow i don’t see the self-knowledge of any affected person that he did wrong himself and made it very easy for the “hacker” to get his chia.

if the at least found out where the weak point is, the complete comunitie would also benefit from it, but so far here are always just wild conjectures and blamed different pools, have you ever thought about how they find it?

have a nice day

Thanks @Hiya for the write-up.

The point made by @Voodoo is very important. Don’t let this incident scare anyone away from pooling. Just ensure that you are in a pool using the official chia pooling protocol. Plot using NFT plots so they are compatible with the pooling protocol. If you go to join a pool and it requires you run their proprietary software, look somewhere else.

If you give someone your keys, that farm is no longer under your control.

Be safe out there!


This is a very important addition, because I wrote it in a hurry, and it may also be a translation problem. I did not express it clearly enough in the previous article.

Risky mining pools are those that use their own programs and ask you to hand over your seed phrase, even if you only use it for a short time.

Join a pool which using chia official pooling protocol from begin to the end is safe.


Wow a lot of detail and very thorough !
Thanks for the read and hard work to share good information


One thing I’d note about the replotting concern… you can change the payout address and keep using the same plots, at least for pool rewards. Use the three dots in the GUI and “Edit payout instructions”


If someone enters your mnemonics in their Chia software and syncs the blockchain, they could change the pool you farm to, but I believe the payout address is specific to the farmer, so they couldn’t change that from a different node.

I am thinking that the farmer reward address (for the 0.25 XCH farmer reward) either has to be changed in the config file manually, or is fixed, and I’m not sure which, if either. I’m sure someone else will have tried to change it and can advise from firsthand experience.

It is safest to replot with a new, secured set of keys/mnemonics, but there might be cases where that’s not practical or efficient. So this will keep earnings coming in until the replot can be done.


wow.this is a very good and thorough analysis of the situation.thank was interesting to read each post

So, why the downvotes for a user that puts quite some effort to help solving this case?


maybe due to the large number of messages in a row, the protection mechanism works like spam. I don’t like it either and it should be unlocked. In your opinion, could there have been an attack through the SQL database, because many people download the database (especially farmers), which explains the theft precisely at farmers.

@dchuk You are the admin, could you check why posts by @Hiya are blocked, and remove those blocks.

Also, let us know whether that was caused by some bored forum member (potentially ban that account), or rather something else was being triggered and maybe relax the offending rules.


Normally, downloading the database has no effect. While not entirely impossible, it’s extremely unlikely.

This forum is mostly unmoderated, that’s why it has become so toxic.


There are two separate issues here.

@Hiya’s posts were somehow blocked, and only @dchuk can fix it. The way to put some pressure on him is when others will also quote his handle, to let him know that this is not just me whining. So, you can potentially help here.

As far as forum becoming more and more toxic, we (the forum members) can also enforce some rules and moderate it a bit; however, it looks like we prefer to have the forum go toxic way, rather than flag (keep flagging) some [repeated] offenders.

1 Like

We can’t do anything about all the moderators being away. As you can see, bad actors are taking advantage of this fact. This is why I almost don’t come here anymore : it’s become a complete waste of time since we’re arguing against trolls that are probably using chat-gpt.

@dchuk can you fix this please and let us know why they were blocked?


@dchuk tagging you as well. Hope you can come back here and make this forum a good place again, but I have low hope.

1 Like

Has anyone that got XCH stolen and transferred to the dugu address and having downloaded the blockchain db file before a still unaltered copy of it, for example in the download folder?

If so, would it be possible to upload the file and PM me a link to it?

Maybe this has something to do with it:

1 Like