My NNS has been stolen,Please help me

I have two Yubikeys. The attacker took one yubikey, changed the mnemonic, and after some time deleted both Yubikeys.


This is what the technical team came up with after analyzing the historical block information.Thanks again for their help. They were great.


Thanks for sharing, if you could provide enough evidence for the proposal in the future, I will support. I believe from community point of view, the ICP controlled by you is much better than by the robber.

1 Like

Thank you. I’ll get all the evidence out before I make a motion.


I would definitely support your proposal given everything I’ve learned. To be most effective I recommend you follow the standard set by @wpb in his proposal. Gather your evidence, prepare an article to plead your case and I’m sure the community will step up to assist :slightly_smiling_face:


Thank you. I saw this proposal from @wpb about an hour ago, and I think it would be the best way to launch my proposal


My friend! I have the same problem did you find a solution? I could use some help🙏

Please explain the problem as xiaobing has done. It might be a different problem. Have you reached out to dfinity?

When I wanted to log in a message in Swedish appeared saying" use security key with" when I pushed the ok button it said choose how you want to use the key, by USB by nfc or by Bluetooth🤦‍♂️ I haven’t activated anything like that😞

I reached out to dfinity, and the guy told me to use my seedphrase to restore my account. Tried and it didn’t work. I have the anchor id and the 24 seedphrase written on a paper.

1 Like

When I was searching to solve this I came across a few people with the same problem, but didn’t see if the solved their issues.

Dfinity’s technical staff analyzed the historical block information and knew that my account was stolen. I wonder if this is an external function that allows all people to query their history records. So you can see what’s going on to cause the mnemonic failure.

Is there the possibility of user defined security options such as “send me an email when account is accessed”, or “limit the location of the access device”? They could go some way to make it harder for other people to steal an account

1 Like

Also some time delay when you want to change mnemonic would be nice

Come here and tell it : Internet Identity Lack Of Security - #99 by wpb

Come here and speak : Internet Identity Lack Of Security - #99 by wpb

I am not an expert at all.

All I know about the case is from this thread.
I am so sorry for you, and I really hope you get back your fund.

I am just still curious about one thing and I really hope you clear it up. A skeptical view about the case would be the possibility that the staked ICPs were sold, and removal of the seller access was the buyer guarantee. I hope that this hypothesis helps you with preparing the proposal as voters would not be experts.

I will be grateful if you or any expert here help to refute this skeptical view.

1 Like

Thank you, your point is very good, someone put forward a similar point, so I will publish the evidence I have when I launch the proposal, assuming the ICP pledge is sold, then the buyer can post his evidence. The rest is up to the voters of the community to decide whom they should trust. And assuming the buyer doesn’t know I made the proposal, the buyer can make his proposal in the same way.


Another option is to lock the account down for three or six months, during which no one can access the account, giving the community enough time to determine whether the account has been stolen or sold

1 Like

Thank you. This really make sense. Good luck

1 Like