100s OF VULNERABLE STEEMIT ACCOUNTS! >>> CHANGE YOUR PASSWORD NOW <<<

in #steemit7 years ago (edited)

So I decided to use the common tool Sentry MBA, and very quickly managed to create a config which worked flawlessly on Steemit without the use of proxies. My suggestion to steemit admins would be to implement more strict captchas and other anti-Sentry MBA security measures.

download.jpg

Ran a simple rockyou.txt wordlist as well as exploiting default passwords given by steemit (which are usually 'random' 32-bit strings, which contain nothing but lowercase letters and numbers similar to md5 hashes).

Possible accounts affected:

@saryan, @partrician1, @thebookofuma, @vinayakn, @archerbest, @rhonob, @boren, @yoto, @steemitwahine, @bearone, @sambo-rambo, @glasnicce.shoots, @chitty, @gardenlady, @piedpiper, @dimimp, @beervangeer, @mammasitta, @mctiller, @michaellamden68, @britvr, @kakradetome, @riscadox, @jackkang, @furion, @nepalipahad, @exyle, @shredlord, @james212, @ajay555, @mondeja, @alsprinting, @krabgat, @npl77, @rznag, @youngkim, @ap2002, @elena000, @almerri, @awgbibb, @telos, @andrewawerdna, @nick1989, @daniel82, @trendwizard, @holoz0r, @noggfresh, @totosky, @lifebyadam, @heroic15397, @makis84, @insteadofmoney, @steemsports, @steemtv, @steemvoter, @muks, @carlosgarcia, @soundlegion, @sdwahine, @steeming4, @mornevd, @dragon40, @prezident0001, @roydowding, @sebastianjago, @mattandcristina, @ryanthegecko, @mytechcrunch, @corvuscoraxx, @dovetail, @ligrev, @marcelbraendle, @steemian69, @saikababii, @ceres, @hebrew, @anwarabdullah, @maryfavour, @ghostwriter82, @boxmining, @harleymechanix, @kyoubrian, @malonmar, @cryptokid003, @torem-di-torem, @andrianna, @blackamine, @albertoyago, @adamhole, @datkrazykid, @fatboyjames, @bloomberg215, @nschairer, @topsnav, @buster544, @bryguy, @sqamemal, @greencrypto, @gordonovich, @meme.for.steem, @sorinagt, @artemisia, @instantcoin, @popponayashelly, @doc-speakeasy, @abcdoctor, @raffael, @stefanarud, @reisolutions, @thomasaquinasftw, @rlh100, @skytrex, @cryptocat, @rizasukma, @ijoel, @futuristgear, @licklake, @newprepper, @haywiree, @alexanderglass, @roomservice, @cryptoactive, @lykencrypto, @boyetyamasaki, @cretin, @korinis, @almaamor, @sune-r-h-p, @tizswa, @buguela89, @jigarparmar519, @lupin, @arunava, @steve-speaks@thomaskikansha, @chingyi, @brothermic, @crypt07, @chaudhry, @stay9n0, @aaronli, @danielle13, @dim1331, @berkah, @xeldal, @adol, @hr1, @xeroc, @steem-id, @lovejoy, @nenad-ristic, @hipster, @instructor2121, @pal, @lola-carola, @blakemiles84, @pangur-ban, @dana-varahi, @tee-em, @michaelx, @albertogm, @crok, @tyler-fletcher, @razvanelulmarin, @venuspcs, @sgtechservices, @good-karma, @roelandp, @nerdlab, @stranger27, @gatoso, @on0tole, @anasya, @vl248, @sveokla, @marinabogumil, @cloh76, @dwinblood, @condra, @raymondspeaks, @kell234, @hyiparena, @rouketas, @fiveboringgames, @konti, @fiona777, @phenom, @bitcoiner, @sharker, @zaebars, @mysteem, @winstonwolfe, @happyphoenix, @kooshikoo, @fatboy, @tygergamer, @bkkshadow, @smailer, @dmilash, @dirty.hera, @gomeravibz, @litrbooh, @always1success, @letc, @brendio, @mama-steem, @yoshiko, @stephen.king989, @uuuhha, @romancs, @ipumba, @krishtopa, @future24, @cmorton, @mythras, @vegascomic, @nano2nd, @dollarvigilante, @anotherjoe, @serejandmyself, @demo, @skylineking88, @ethansteem, @mrlogic, @barrycooper, @sethlinson, @shadowspub, @leno4ek, @nulliusinverba, @charlie777pt, @randomli, @nadin3, @xanoxt, @victoriart, @tatianka, @kralizec, @benjamin.still, @ebargains, @elena-singer, @dexter-k, @charlieshrem, @tracemayer, @feruz, @burnin, @anton333, @ekaterinka, @michelle.gent, @bestofreddit, @worldtraveler, @borishaifa, @okean123, @haphazard-hstead, @fortinbuff, @luzcypher, @grisha-danunaher, @rymlen, @killbis, @htyfn, @rusteemitblog, @ninkhisibir, @orenshani7, @therajmahal, @steemtrail, @marel, @luismy, @steemlift, @marialin, @steemvest17, @astral, @tdv.witness, @ebryans, @jessamynorchard, @max-max, @sstefan, @steemaccess, @garvofe, @innafanz, @hansikhouse, @maxse, @gardening-trail, @foraging-trail, @nikflossus, @baerdric, @alex1983ch, @technovedanta, @esteemapp, @yadamaniart, @ourlifestory, @irawandedy, @steemittalk, @beeskee, @v4vapid, @gildar, @saleg25, @soushi888, @meysam, @steemnews.online, @michaeladamparis, @lastminuteman, @things, @triddin, @cheah, @internutter, @marcosespes1, @fiction-trail, @kostaslou, @jasonrussell, @fbechstein, @poetry-trail, @killinhersoftly, @elgeko, @bounties, @steempoll, @cgame, @blockchained, @ogochukwu, @paolobeneforti, @maninayton, @cfreidsma, @torkot, @libertylol, @frocush, @vadbars, @carbunco10, @heikomahr, @mckenziegary, @crawfish37, @unmean-stweets, @steemfactory, @singa, @tipping, @thecrazygm, @sidwrites, @leanvix, @itchykitten, @tremendospercy, @reconnectnature, @lenadr, @readmore, @gohba.handcrafts, @tj4real, @vaibhavshah, @taica, @xenitron, @royalko, @jimsparkle, @nuagnorab, @victorier, @linuslee0216, @petkovski, @ercpok, @chl, @zenprogressive, @minnyfatty, @fzfred, @droucil, @shirish5 @fatkid, @shirrou, @amvanaken, @bewe, @adhoctoth, @jaymacvapes, @amristeem, @jerrev, @jaynectar, @anzhu, @bufferxtech, @avikal, @stervocka, @bitsbetrippin, @minhaj.zee, @finance2nomad, @jimybpt, @kenshiu, @slackerstacker, @hashbrown, @gasser484, @avercetti, @mrilevi, @ritualjunkie, @demco, @alejotorress, @shadowmonk, @djbk, @cbennett94, @oxicleanedjamal, @cryptovest, @karmamichele, @cryptogaming, @inalav, @sandy143007, @nhuanvolter, @princekhiwaliya, @bernardrussell, @umit, @jasnxxx, @shawnpady, @hussnainrazakhan, @sohaib1, @sneakydevill, @niallsemple, @unipaint, @humannature, @proctologic, @yefet, @makishart, @gregory-f, @nomoreheroes7, @cyan91, @gavvet, @richman, @avarice, @acidyo, @hossary, @steve-walschot, @klye, @oaldamster, @cryptofunk, @dragonslayer109, @thecryptodrive, @peter-parker, @infovore, @mark-waser, @norbu, @grey580, @juanmora, @matt-a, @yogi.artist, @cryptochannel, @slowwalker, @jacor, @steemit-life, @senseiteekay, @alone, @speda, @igster, @meesterboom, @juvyjabian, @gregm, @hastla, @kendewitt, @the-future, @mynameisbrian, @sgnsteems, @opheliafu, @jens84, @sauravrungta, @crazymumzysa, @ace108, @michaeldodridge, @sazbird, @bullionstackers, @walkerlv, @nekromarinist, @theprophet0, @merej99, @reneenouveau, @andrew0, @lenatramper, @joele, @denisoi, @theabsolute, @hanshotfirst, @lordvader, @bledarus, @wakeupjohnny, @wisbeech, @tolik8080, @creadordelfuturo, @levycore, @englishtchrivy, @jlufer, @uwelang, @davidjkelley, @digital-wisdom, @ethical-ai, @matthewtiii, @triplep, @jwaser, @mixacool, @damarth, @bwaser, @renzoarg, @cleateles, @bontonstory, @ellepdub, @pickoum, @herpetologyguy, @ocrdu, @s0u1, @lajulius, @morgan.waser, @bonvivan, @awesomenyl, @strong-ai, @projectnewbie, @ivand83, @tata.lucette, @bleujay, @lydon.sipe, @aldentan, @wakeupsheeps, @giantbear, @keuudeip, @mokluc, @joshuaatiemo, @eroche, @whatageek, @johnrenald, @crowdfundedwhale, @trans-juanmi, @collabornation, @technoprogressiv, @damiendecoster, @finder, @tradeqwik, @enju614, @dreemit, @juliosalas, @madlenfox, @colin-porter, @fibra59, @riostarr, @inber, @lazariko12, @sardrt, @automaton, @fisteganos, @da-dawn, @eem, @mariaalmeida, @tiowaldecir, @buzzbeergeek, @fleur, @decentralizd, @elementm, @lunatichai, @steemlifestyle, @eddiejmc51, @timvloggt, @muhammadrizal, @btu, @robert-call, @trevis, @zuheimi, @emonandels, @couch-potato, @carloserp2000, @connecteconomy, @natorious, @dracosalieri, @detlev, @myvoter, @qwesttexas, @skririm, @looftee, @fingersik, @razorborn, @steveitt, @marxrab, @cryptodragon313, @ctrl-alt-nwo, @crazykipps, @hackerwhacker, @rolf.bakker, @contentguy, @graveric60, @dankh, @passion-fruit, @david777111, @betag, @richard78624, @queenpine, @c86l, @billyjohnsonart, @wonka, @sighmanjestah, @minotaura, @cobramovin, @dazanar, @mandagoi, @etcbits, @papascrubs, @clysse, @jznsamuel, @eliel, @indepthstory, @ericwoelk, @stadsmanneke, @hebro, @user786, @laloelectrix, @elprofe62, @youknow212012, @scottish01, @bnt, @budimir, @recrypto, @matiasrodrigo, @uruiamme, @mk40, @datosin, @patasieduagh, @cityofzanj, @arqetype, @ally1of4, @vmsolutionsltd, @ubertec, @carwilva, @frostyamber, @babes-mm, @gichan, @justcallmemyth, @warriorlion, @yaoyeguard, @flepmajoor, @chrisx, @skyrex, @azethine, @doughnutsmuggler, @tonygags, @enomujjass, @pf-coin, @debugger, @sahar.meshkin, @dxgam, @mintsauce, @ridi20, @dattabitcoin, @jungleebitcoin, @king-aceh, @jony, @ritsjert, @shehryar, @hintenberg, @oromisglaedr, @nickdavison, @digitizemycash, @capitalpink, @scribblexio, @digital-gypsy, @coinmeister, @gose, @john1981, @skaylap, @tuakanamorgan, @edb1984, @cantribute, @v0nd, @anacristinasilva, @joecoleman, @mcfelix15, @aworandx, @qzsg, @minjun, @paugamit, @infidel100, @surgeo, @kenhudoy, @chedo, @diverse-thinker, @johnlue @inverse, @woojin, @mooncat4289, @jingdol, @muyoung, @sophiamom, @signalandnoise, @vip, @morning, @ninzacode, @leesunmoo, @jay4u, @btcbtcbtc20155, @sokoloffa, @lsc9999, @kview, @kopasi, @ssm1810, @tommycoin, @stylo, @jyp, @inchonbitcoin, @dubi, @ksc, @sigizzang, @arama, @twinbraid, @lhy, @kachinhenry, @sanghkaang, @chromium, @very, @dongu, @superremnant, @july01, @votelotto, @steemexwon, @foodmap, @steem-myanmar, @gotoperson, @neojew, @neogia, @cljg918, @abduhawab, @yuslindwi, @gifmaster, @mandela, @intrepidthinker, @anemona, @jondahl, @behappy7, @seongbuk, @gogumacat, @m8586, @bitcoinsig, @onizuka, @coinkorea, @fernandam, @jazznism, @maa, @goldenman, @jongyeong, @thatgermandude, @ludorum, @toru, @martin007, @tworld, @kskarthik, @changkyun07, @venti, @cherryblossoms, @ludorum-pick, @innovit, @bosman, @daystar, @insic, @ihsan, @pys, @palejack, @koreaculture, @toran, @escher, @temps88, @musicholic, @pyorinho, @maruchi, @teora, @lastofw, @shinidanitv, @ki844, @leomichael, @jeongmincha, @jaguarb612, @toptimist, @nemjun, @jonver, @kaliam, @mattchoi, @gunchul, @usim, @uplus, @choind, @waystobecalm, @freshstuff, @rdccsteem, @acceptkim, @soyo, @boostyou, @danbain, @teojin0503, @oldtaste, @successtrainer, @ghana531, @ammonoidea, @krdoko, @hangeul, @sbg, @yoona7487, @leesongyi, @dmy, @kim0jh0, @sunnnside, @coinist, @zusteemit, @azathoth1942, @iieeiieeii, @philipkoon, @benniebanana, @yoons, @huchu, @laivla, @geusgod, @bemore, @tuvero, @steemit-korea, @steemfuzzy, @meadowolf, @minsa66, @heejin, @no1wolf, @beajinsu, @yidar, @nkc79, @korecaster, @pald, @zweiblue, @snow-airline, @foooodman, @kyongkyulee @rafael1983, @dwells, @lovleacloud, @pennsif, @pennies, @mongosmash, @jtitus07, @beatitudes8, @pizzamacgyver, @warriormom, @jarobbins11, @hopespringsetrnl, @essentialoilmom, @mamahubbard, @joce289, @gulfcoastgardner, @gordoe, @joshua-1, @chikkadea, @jeremiad, @k1k1, @hotham, @northofatlanta, @tuck-fheman, @nikolai, @full-measure, @arcaneinfo, @artem-sokoloff, @tommyquest, @ausbitbank, @fulltimegeek, @khursani, @bitland, @krystle, @adamt, @animus, @bola, @arcurus, @papa-pepper, @brianphobos, @jasonstaggers, @tommycordero, @jhonprinces, @joshsigurdson, @themonetaryfew, @runridefly, @sammie, @daveks, @freeinthought, @ghasemkiani, @titusfrost, @allyouneedtoknow, @yuriks2000, @rigaronib, @inarix03, @lucashunter, @wakeupworldnews, @ianstrat, @shady, @geggi632, @chromiumone, @kennethbosak, @tigercats, @little-peppers, @a-condor, @ijavee, @azlicr, @honusurf, @macstyly, @eyeofthestorm, @sawang, @plainof6glaciers, @estronitex, @pbock, @mutant-x, @toniesteem, @grandpa-pepper, @truthceeker333, @charxrid, @moksamol, @patrickmohr, @froghollow, @dune69, @makecents, @omninova, @nap-g, @roadkill, @joklahoma, @barbara-orenya, @garden-to-eat, @greenacrehome, @schlees, @eggmeister, @opinizeunltd, @scorchdojo, @shahzadnisar, @jiva34, @thelemicdragon93, @rohnsleather, @robc, @nristen, @countryprepper, @greyman, @thelionwithinus, @securedcomputer, @cheapassbastard, @timmo3663, @urbansimplicity, @raincountry, @bucko, @gregorythomas, @mkcmst, @saved4newlife, @simms50, @daddykirbs, @mygraymatter, @drprepper, @lifewright, @unclemike, @gardener, @ironshield, @papermill2006, @bthompson, @jacoblesterread, @marillaanne, @stormriderstudio, @bernz78, @benzomatic, @maxdevalue, @lokii, @henaynei, @beyondmountains, @travelersmemoire, @afhusna786, @theywillkillyou, @whytedragons, @gyanibilli, @bakermom, @dafinds, @nolongerignored, @benjust123, @freetissues, @engineertomas, @sandhillson, @thehomesteadlife, @raynewman729, @ernstjan, @minighomestead, @jenwen, @stortebeker, @olinweisz, @gregandsandyk, @agilblade, @flightgod, @piggypower, @nuedareniel, @blaze007, @inanna @etnique, @jupiter5, @marle718, @ivan-perez-anies, @juanmiguelsalas, @heiditravels, @avellana, @twinner, @gargon, @pgarcgo, @wartrapa, @efrageek, @moisesmcardona, @albagargon, @joaquinpixan, @nomadnessie, @crowe, @titin, @betamusic, @jgcastrillo19, @juliamateo, @teo, @dresden, @alfredozofio, @dulcinea, @mdcomes, @cervantes, @aniestudio, @assus, @jorlenbolivar, @tamim, @loreennaa, @teacher, @tincho, @fidel-castro, @mckenzie259, @acromott, @clacrax, @osmerj, @gmaktub, @oscarcc89, @kilianmiguel, @bwmiao, @adipranatahendi, @joseluishimself, @lrsm13, @cindycam

If you are in this list, I likely have your password and would advise you change your password NOW.

Sort:  

random BS ! ofc i dont have the default steemit psw ! lol failed

You have a very weak password.

Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://steemit.com/steemit/@sigmundnash/exposing-steemit-voting-collusion-6-potential-voting-rings-found

Yes, this is where I got my account wordlist to use for cracking accounts with Sentry MBA.

looooool what shit is this?