Hundreds of user accounts associated with the popular blockchain-based publishing platform Steemit were attacked today. The team claims that the attack is localised and users' funds are out of risk.
Steemit’s CEO Ned Scott, released an urgent security announcement informing the community that the platform has suffered a cyberattack and possible theft of funds:
“Steemit was today subjected to a cyber attack. In the attack, fewer than 260 accounts were compromised, and less than $85,000 worth of Steem Dollars and Steem may have been stolen.
The hack has now been contained. User accounts and wallets are not at risk, and we hope to soon reactivate the Steemit website to normal order. Any users whose accounts were compromised will be completely reimbursed.
Though only a relatively small amount of Steem was stolen, we take any form of criminal activity against our community extremely seriously. We have reported the hack to police and other cyber crime authorities, including the FBI. A full, internal investigation is currently being conducted and we are working on an immediate solution.
Partner exchange Bittrex was informed of the compromise and is actively helping the investigation. As a precaution, they have temporarily suspended the ability to deposit or withdrawal Steem and Steem Dollars from their exchange. The suspension will be lifted as soon as possible.
Thank you all for joining us on Steemit. We apologize for the temporary disruption of services and look forward to resuming operation of our social network.
Regular updates will be provided here on Steemit.com
Users reacted immediately. The first comment, by @steemed, specified that “the Steem protocol (the "coin") was not hacked, nor was any smart contract running on top of the Steem protocol. This hack is a website hack where a hacker stole funds and account credentials, and not a hack on the coin itself, at least according to the best information available when this article was written.” Some users advocated for tighter security on Steemit. For the most part, the community was supportive and praised the development team for professionalism in dealing with the attack. At the press time, the security announcement gathered nearly 1,000 Steem dollars.
Still, many users demand a detailed description of the hack and enquire about reasons why it succeeded.
Throughout the day on 14 July, just ten days after the platform executed its first payout rewarding contributors with $1.3 million, the website of Steemit was down at first, and then in read-only mode displaying the following notice:
"Sorry for the inconvenience but we’re performing some maintenance at the moment. Website is working on read only mode. We’ll be back online shortly!"
Currently, the login, posting and voting functions of the website are working normally.
Steemit is a blockchain-based social media platform, which pays its users with Steem cryptocurrency for quality posts, comments and votes. It has seen an explosive growth over the last two months with the number of users increased by record-breaking 3200%. According to the last day’s estimations, the Steem cryptocurrency has reached the third place in market capitalisation after bitcoin and ether, jumping from $13 to over $250 million in only 10 days.
Diana Bogdan, Svetlana Nosova