In the last days, many of new node operators freaked out hearing that some others (in fact only 2-3) got their node funds wiped.
Those affected, did not provide any other circumstances, just bombastic messages. That created a ton of panic in Telegram groups (plebnet, Umbrel, myNode etc).
All this drama created it doesn't make any good.
Solution?
-
don't panic.
-
to sleep well tonight just go and change that damn password (why you didn't change until now?) Here, in Umbrel troubleshooting manual I wrote you have all simple steps how to change that damn password and all will be just fine.
How to change Thunderhub hardcoded password
- ssh to umbrel
cd /umbrel/umbrel/apps/thunderhub/data/
nano thubConfig.yaml
- replace password value on first line. Keep the single quotes ', e.g. masterPassword:
my new password
CTRL+X - save —> enter to save same file and exit - Uninstall Thunderhub: go to Umbrel dashboard apps, click on top right - edit. Remove TH
- and re-install it again (will take that your new password), go to apps store and install it. wait for it to start.
Done. Takes only 2 min. That's it., No more drama. No other crazy shit you need to do (I saw users shutting down nodes, installing crazy scripts to disable Tor), no disable Tor, no remove channels, no shut down node. Nothing. Only these simple steps.
- even if you do not change it, if you keep accessing your node from clean PCs/devices and good versions of Tor (official, NOT shity apps that keylog your access/pwd), there's nothing to worry.
Key questions for those that got lost funds:
- what browser did they used outside their home
- are they 100% sure their devices were not infected with a malware?
If a burglar have your hose key but doesn't know where is your house, that key is useless. So don't freak out and put the whole town in panic mode just because you think the burglar will enter into your unknown house.
The case that some (very few users) are reporting they lost funds (with no proof until now) I am sure they get sloppy and used infected devices to access their nodes using non-official Tor browsers or they had malware that keylog all their activity.
I saw many users blaming anything else but not their sloppiness. So until they do not prove what they claim (TH / Umbrel/ mynode Tor leak) I would take it with a grain of salt. I worked 25+ years in IT and I know how users are blaming anything else but not their sloppiness... It's a fact.
I would ask all users with Umbrel nodes:
- did you read Umbrel "Don't be reckless"" section?
- did you took your own security measures to protect your node access? Aka using clean devices to access your node (in house and outside house)
- did you change the password (if you felt so unsafe) for TH. The troubleshooting guide was always available to see how to do it. Did you read it?
- even if you already did all above, are you sure you never leak yourself that onion address, by using a compromised device (malware, keyloggers etc)?