Important Security Update
Verify if your account was compromised and take action.
Previously in December, we reported a number of user keys were intercepted by what was a yet to be determined means. At the time we had only limited information but were able to ascertain quickly that it affected telos sign users and made recommendations for all telos sign users to update keys.
Since then we have worked diligently to identify the exact methods, the source and scope of the attack. We are able to report we have succeeded in that operation and will be providing a detailed report in the coming days.
Key Information ahead of the upcoming full report
A total of 16 accounts had funds stolen, the amount of funds stolen is 500,202.3 TLOS.
A further 162 accounts had compromised keys but no funds were stolen likely due to the comparatively small amount of funds in those accounts. The 16 accounts that were stolen from held 95% or more of the total assets held by compromised keys/accounts.
The total number of accounts compromised represents <0.0002% of all telos accounts and the Telos blockchain itself was never compromised or hacked.
Today we are providing a list of compromised accounts so account owners can take action to secure them.
While the remaining funds from the total 178 affected accounts represent less than 5% of the 500,202 TLOS stolen it’s still imperative that these users are found so they can take action — we have seen a handful of cases where funds were stolen after more significant value was added by users. Additionally, the value of TLOS is in flux — a low amount of value now may be significant enough to steal in the future.
Please check for your account in this list and change your keys if you have been compromised.
A-Z of Compromised Accounts that need to change their keys
If you find one or more of your account’s below we recommend you change both your owner and active key for each of the affected accounts. Below the list you will find video instructions to make the change. Alternatively, affected users may decide to move their funds to a new account with different keys.
Click here to view the specific public keys that are compromised along with accounts.
123sebastien
1mzsxsnwr3tw
1uprj2cszkbx
4atzar5oaysn
4pf3q1yjbwtz
5rwguanmaup4
5tygqplcucbl
aerodynamics
amainaccount
amazinglife3
amisyville11
aq1q3j5vgljo
architborda1
atomically12
azcdefghijk1
badconnectio
blablaababaa
bryanlozano1
c4fop4wskh1d
c4rteratelos
carteratlose
chandanakhil
chibuezeugwo
chiuzontelos
christoffer1
coinokom1234
cyqe1p3y1tze
d3xnjwtihbck
damnitleeroy
daniel123123
dedale2icare
deephousedb1
deezwaytlos3
demieanudo13
diangunz1234
digiramera12
dimaswinatha
dinguiterol1
dnskfdvnkl12
dodecahedrox
douge
dujianhao123
e2wvcnwseqju
e3drfg3slzbm
edmondtse123
emu41yfog2sw
everzinc1234
fgwo4nfy2yte
fishcarcatch
fofanabethel
fourchunate1
ftc4vfdspfvy
g3qsnyczf3u2
gabesztelos1
ger3basilisk
ghtxyy23spor
giorgisfrags
gmydmmrsgyge
gobbler12345
greajkcsrugh
h3hosw1fkqlc
h3u4v12cw321
hedorohedoro
hopy4uchidex
hossein3211w
ixw5mrfikcdb
jadogajorcyk
jasonshenjia
jimmyyan1234
joaofonseca5
johndoughbul
johnkarelsen
joshienng145
kanekirollie
kasparss1234
katoomstell3
kmcotelosone
kmcotlevmone
ksmad2w2xdtq
kylemichael1
leixiang1234
lemiliadaire
lf1sc45g3pjs
luhenbipebam
luketwrowley
lvimuo5e2ypd
m5ely1n3hq3w
markusferenc
maxgeiger123
michaelschap
mikeporteous
mohamedazath
mohammadaziz
mrwikuskriek
nakata242424
neqwa2gc5ioh
niatfayyadh2
nimskcryptos
ninothegamer
nofalnawaz11
odinpapamama
ohayoubaka12
oldschool222
ollyollyolly
paalmathisen
perseepona11
perseepona54
peterstanley
philitician1
qtvr1pxodzsb
r5pu5n3igrwy
ralphwallet1
randomwallet
rimcollian25
robin.wilson
rodolfo1234x
rollerballin
roncerotelos
rubentelos55
salemn241111
santanderuno
scandinavia3
shameel12345
soylatelos12
spacecookiex
spljjshfz125
starhelix111
stelios31112
steveaiscats
suigmyballas
sunrainbow15
superhalta22
superhalta44
sytelosacct1
szalonymops1
tarazi121212
telosdangel1
telosevmacc1
telosmachine
telosmarkuss
telosmoonacc
telospaulgm2
thenumberone
therealchips
thetlosvault
tloslompakko
tlswalles212
tomearhart11
tomtomcrypto
toushiktayeb
tydean4real1
typecryptos1
tzjhcxtbsxwa
tzlgzzz21bbb
u4djgj3ocxvk
u5vypoq3xkg3
u5zgzoi3nci3
ulashakanbur
ultimaonline
vbniv5blfolo
vsemmetallok
vzlaxqqg5axh
washywason44
wernerstroeb
westlife1234
wilson
withbenefits
wnb1xtmlkbyx
wookieontour
xiakangconch
xl1zlkocw1ds
xxxxxxxx1111
xxxxxxxx2222
xxxxxxxx3333
xxxxxxxx5555
yhas2nmklz4i
yjghmpagzuus
zhouyingnan1
Need Help Changing your keys?
Download Greymass Anchor (Previously “Greymass Wallet”) then follow the instructions in the video
Stay tuned for the full report
We are very pleased to have been able to determine the full scope of the key theft and know its effects are largely already behind us. We look forward to providing a more detailed report soon.
Wanting to report a security issue?
Send a support request to https://help.telos.net/
About Telos
Telos Blockchain (Tlos) is a 3rd generation smart contract platform that offers compatibility with Solidity, Vyper, and Native C++ smart contracts, providing full EVM/Solidity support as well as a fee-less native smart contract layer upon which the EVM is built. Telos performance is unrivaled in the industry and was purpose-built to offer speed, scalability, cost-effectiveness, decentralization, and end-user fairness. The network can sustainably support hundreds of millions of transactions per day, produces blocks in 0.5-second intervals on a first-in-first-out basis (eliminating frontrunning on the network), offers a fee-less native, and low per transaction cost EVM (<$0.10), and a fully decentralized block producer network.
