Leak -- Compromised MEMO key successfully detected
(Edited)
āāā š ā ļø š ā ļø āāā
It's a new day and another user leaked one of their private keys into the HIVE Blockchain.
They COMPROMISED their...
private MEMO key
HOW: in a transfer operation
The compromised account owner has been notified in multiple ways.
Compromised account stats:
Reputation: 41
Followers: 10
Account creation: September '21
Last social action on chain: 3hs ago
Estimated account value: $ 5.33
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
My security disclosures for Hive:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Ā plan
Last (bi)monthly report: https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Ā plan
Last (bi)monthly report: https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323
Keys-Defender features:
- Keys protection [live scan of transfers/posts/comments/other_ops.
Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
To support this project..
- Curation trail:
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.
0
0
0.000
So many undefines with that account. Are you sure the "leaked key" wasn't really an international spy sending a code to confirm that the mission was complete and the world is once again saved?šµļøš
š
Ooops, it was leaked on HIVE and not on
Steem. Fixing the values. I check them all after posting them with a command, missed this one. Thanks š