NO TITLE !

Dear my Rubimily brothers and Rubi mining colleagues around the world, this will be an article with the title "NO TITTLE". We do not give a title to the article, because we want you to focus completely on the detailed content!.

We know that miners everywhere have many questions or even complaints and need us to answer those concerns. Below are the most common questions that we have recently recorded.

? KYC version 1.6 that the development team announced to release at the end of June, why has it not been released yet?
? Why have the recent KYC applications been delayed, when will it be completed?
? When will Migration be open again?
? Was RUBI Network hacked and user data stolen, right?

So in this "NO TITLE" article there are 3 important parts, I need you to follow until the end for your benefit.

Part 1 - Answers to the above questions
Part 2 - Instructions to improve account security and notify if your account is hacked.
Part 3 - Commitments to action and cooperation of the development team

PART 1: RESPONSE TO COMMON QUESTIONS.

? Why is KYC 1.6 delayed?

Although the development team announced that it is expected to release KYC 1.6 by the end of June, which is an upgrade that allows miners to become KYC verifier, thereby improving global KYC productivity. But now we are forced to announce that this plan has been delayed..

The reason for the delay of KYC 1.6 is due to the development team shifting resources to prioritize handling unexpected incidents that occurred in March and April..

As mentioned in previous news, Rubi Network faced a major theft from Phishing attackers and a technical vulnerabilities. Although the development team had response and remedy in promptly, those two attacks also left some consequences that led to the testnet chain is stopping validation. The team was forced to prioritize resources to handle the newly arising problem as well as build a defense mechanism for similar problems. And in the near future, the network will soon have a Fork Chain and restart the Testnet.

? Why are KYC applications taking longer to verify?

While handling the above issues, the development team has limited the access of the staff performing KYC verification and temporarily stopped sending more invitations. The team is doing this to ensure that the attackers do not have any new KYC accounts. We believe that the list of Rubi users whose accounts have been "Phishing" still has many accounts that have not been KYC yet.

We will soon bring back KYC activities after completing the review of accounts that are at risk of being attacked, and to do this we need users to cooperate in checking, reporting and improving personal security (Please see Part 2 of this article)

? When will Migration be reopened?

The estimated timing of Migration reopening also depends on the implementation of the protocol to prevent the theft of mining assets, we are actively working to reopen Migration soon.

Currently we are not sure about the list of victims in the list of information that the Phishing attackers have fished. With millions of users worldwide, we estimate that the victim list could be in the tens of thousands. If the Migration is reopened without effective prevention measures, the RBL theft will definitely continue without the owner even not realizing it.

We are adding layers of security padding to the asset migration protocol to ensure that only the real owner of the account can move the asset.

? Was RUBI Network hacked and user data stolen, right?

The shortest and fast answer is "NO", but let me clarify how the Phishing attacker stole your data, and this usually comes from the habits of the majority of users.

Let me describe exactly what this subjective habitual security vulnerability is!

Users who participate in making money online often participate in many projects at the same time, they often take advantage of every opportunity and every project to earn many types of tokens from any project they know, and so do Rubi Network users.

When a person participates in many projects, for convenience of remembering, he often uses the same information (email, username, password ...) for all the projects he participates in. This habit creates a serious personal security loophole that Phishing attackers take advantage of.

Phishing attackers take advantage of the loopholes from users and they often create fake websites to lure users to provide login information. They can also create a fake website of an Airdrop event and then ask users to register an account to participate in the Airdrop. Through the registration of the user, they have unwittingly provided their login information to them. The attackers then use the information they glean to go back to real projects to check for the existence of users on those projects.

And from the tens of thousands of information they have caught, they have a high probability of successful access, then they will mark the victim list to steal assets when possible.

Specifically, this tragedy happened in the Rubi Network project in March, after checking the chain of transactions of the thieves, we discovered that thousands of accounts had been visited by thieves and the mined RBL had been taken away but had not yet been transferred to the main wallet. The thieves quickly created additional wallets in the accounts and then moved the mined number to this wallet.

So they only stole from the accounts that had completed KYC, they took the mined RBL that the owner had not moved to the wallet, this is also the reason why the development team stopped the theft by temporarily blocking the transfer service as well as temporarily delaying KYC.

PART 2: SECURITY CHECKING & REPORTING "TROJAN WALLETS"

We have so far flagged hundreds of wallets as belonging to thieves, or wallets that were involved in "dispersing" stolen assets. We have also built a mechanism for the network to add the right to refuse to verify transactions from marked wallets. 

Other networks have little to no solution for such violations, so the blockchain becomes a haven for thieves. Rubi Network may be the first network to add these barriers to the protocol, the development team believes that adding these wallet marking rules is necessary to limit similar attacks in the future.

Rubi Network is a "benefit decentralized network", by the rule of "100% supply distributed" to the miner community, so we call for consensus, cooperation from the community to condemn acts of attacking public interests. We also call on the miner community to improve their self-security knowledge, as well as report if your account is being accessed illegally.

Here are 2 actions you should consider do it right now.

Action 1: CHECK YOUR ACCOUNT & CHANGE YOUR PASSWORD.

• Change your password to ensure you are always the only one accessing your account:
We recommend that you change your account password regularly every 2 weeks, and use a strong password with your privacy factor so that the password is easy for you to remember but difficult for strangers to guess.

• Check for suspicious signs that someone is trying to access:
Currently, Rubi Network provides users with 6 login attempts per day, if you try to log in to your account on another device and receive a message "the number of access attempts exceeded", it is very likely that someone is trying to access your account but failed. In this situation, you need to change to a stronger password, avoiding weak and easy-to-guess passwords.

Action 2: REPORT "TROJAN WALLET"

• If you find that your account has new wallets that you did not create, it is possible that this is a "Trojan wallet" created by the thief so that when the Migration is opened, they will move the mining part to this strange wallet to steal your mining efforts.

• Worse still, if you find a "Trojan wallet" and they have stolen your assets and moved them elsewhere, what you need to do is report and request to lock the wallet, then we will also continue to observe based on the movement of assets to screen and mark the wallets of the thieves.

Here is the official LINK to the reporting form (Google Form), where you submit the wallet lock report. (Please open the Link on Chrome or Safari web browser)

https://docs.google.com/forms/d/e/1FAIpQLSdEVgi_vTjQcCkaGh2PbGPvuSj_eNIm18ARKmsa_TKzIHsHqw/viewform

Notice when using this form:
This form is from Google, to avoid spam reports, we require you to use Chrome browser and log in to Google before completing the report.

You can only access the Form URL from a link through one of the official domains Rubi.click , Rubi.Global , Rubi.news , Rubi.social , never access this form from any other source.

PART 3: COMMITMENT FROM THE DEVELOPMENT TEAM

The Rubi Network community has reached 5 million users, and this valuable figure is impossible to fake, because Rubimily is a large mining community spread across the globe and is continuing to develop with the spirit of a decentralized network, bringing mutual benefits to all members.

The development team is committed to accompanying the project until the decentralized protocols are fully deployed, until all users can participate in operating the network using the DAO Governance mechanism.

We are also committed to protecting the real user value on the network by continuously improving and building a KYC mechanism, anti-fraud, and performing reliable asset verification before migration.

If you are a genuine user, you will always be welcome in the Rubimily community.

The KYC mechanism will ensure that real users will definitely complete KYC smoothly, the KYC process is also constantly upgraded to add screening solutions to eliminate fraudulent users.

RUBI TEAM

⚠️ Above are the things to do to make your assets safer, before Migration is reopened!