You get this email! You can’t believe your eyes! This message tells you that your entire XLM balance has been transferred to an unknown Stellar address. One thing is for sure: you did not authorize this transaction! Please help me! How did this happen? How is this even possible? Why is this happening? What scoundrels!
The shock and frustration after receiving such an email is immense, especially since you have no idea how the hacker got your money and your precious XLMs are gone. Stolen by someone who somehow managed to access your account and transfer your assets to an inaccessible Stellar account. Through StellarDex, your XLMs are visible in an account created by the hacker, but you can’t access them; it’s frustrating and heartbreaking.
How did this happen?
You set up 2FA, created a complex password with a login pin code, and installed a VPN on your computer and smartphone! How on earth did the hacker get your money?
There has been a significant increase in the number of hacked accounts, causing a lot of frustration and anger, not to mention the time it takes to mitigate the damage and set up new accounts. Stellar Russia has assured users that the damage will be reimbursed*, but the goal is to prevent your account from being hacked in the first place. So what can you do? What measures should you take to protect yourself from these parasites? That’s what this article and the ones that follow are all about.
Steps to protect your assets
There are many aspects to cybersecurity, and it’s too big a topic to cover in one article. In this first article, we will focus on one basic step: securing your email address.
What email address have you registered with Lobstr or other wallets, and how long and how often have you used it? In the past, there have been numerous significant data breaches at companies that exposed millions of data points, such as LinkedIn with 700 million users, including names, email addresses, phone numbers, and professional information. MyHeritage in October 2017: email addresses and hashed passwords of more than 92 million users. Twitter in 2023: data on 200 million users, including email addresses.
The question
The list is long, and the question is: what happened to this data? What if some of the leaked data included IP addresses that ended up on the Dark Web? An IP address is the identification number that every device connected to a network uses to identify itself and communicate with other devices. And yes, hackers can try to access your computer if they know your IP address.
First steps to securing your information
One of the first steps you can take to protect your information is to check if your email address has been compromised. Visit Have I Been Pwned and enter the email address you use, such as the one you use for Lobstr.
If it has been compromised one or more times, change your email address in Lobstr and update it to a new, uncompromised email address. Make sure that this new email address is secure and not publicly available. Make sure the new email address has a strong password and 2FA enabled.
Proactive measures
While it is not always necessary to change your email address after a data breach, it can be a prudent precaution, especially for sensitive accounts like your Lobstr account. The key is to proactively secure your accounts with strong passwords, 2FA, and regular monitoring. By following these steps, you can significantly reduce the risk of further breaches and misuse of your information.
*Anyone who is hacked will get their tokens back. No need to worry. In fact, nothing is lost. Everything will be returned to those who were defrauded”. – Ivan, Stellar Russia