One of the most promising blockchain projects yet was hacked. According to the official statement from Steemit, 260 accounts were compromised, and about $85,000 USD of Steem – Steemit’s cryptocurrency – were stolen. While the staff at the new social network deals with the aftermath, the attack raises a few questions. Chiefly among them is how hackers seem to be hitting new blockchain based projects as soon as they come out.
Steemit, the DAO and even Bitcoin
This could mean that there is not enough testing for the security mechanisms before these projects go live. In the case of Steemit, the amount stolen was probably the smallest of any of the other projects that have fallen victim to hackers. Nevertheless the attack went against core Steemit security features, unlike previous attacks to the DAO – on the Ethereum network – and bitcoin – for which there are countless stories of coins being stolen.
A Quick Response
When bitcoin gets stolen, it is solely the responsibility of the holder; the network is secure and works well. On Ethereum, when the DAO hack took place, Ethereum’s code performed as planned. It was rather the DAO which made a mistake on their smart contract, and as a result the hack put Ethereum’s commitment to decentralization in question. The Steemit hack was fundamentally different, so the response was quick and there was no doubt about who had to respond and who was responsible.
The response was indeed very effective and quite quick. The network was quickly secured, and the hacker(s) got away with a relatively small sum of money – unlike in the DAO’s case or the various cases in which bitcoin has been stolen. The network also responded by restoring the amount stolen, recognizing the mistake and working diligently to keep Steemit’s momentum going.
Steem Lower in the Aftermath of the Hack
As a result, the value of Steem was affected. Its seemingly unstoppable growth was halted and even reversed. Although this cryptocurrency lost some value, it could have been worse. Now hopefully it will quickly recover its momentum and growth. For the time being, Steemit’s staff is giving its users a few security recommendations to avoid future hacks. These recommendations are pretty similar to the ones given out by any other user based network which seeks to secure user data:
- Reset passwords.
- Use strong passwords for each of the 3 keys needed on the account.
- Use different passwords for each of the three keys needed on your account.
Final Thoughts
Although attacks like the one on Steemit, seem to be the rule for new blockchain projects, in this case the damage was contained quickly. This should allow users to trust the network again and rely on its ability to cover its previous shortcomings. The quick response was also accompanied by clear statements and updates about the situation, which encourages credibility. Nevertheless this and other cases serve to teach other blockchain projects a valuable lesson: test security features and look for any possible loophole more rigorously before launching the network and acquiring users.
Click here and here to read the official Steemit blog entries about the attack.
