Leak -- Compromised POSTING key successfully protected
āāā š ā ļø š ā ļø āāā
It's a new day and another user leaked one of their private keys into the Steem Blockchain.
They COMPROMISED their...
private POSTING key
HOW: in a post operation
The compromised account owner has NOT been notified since it's a Steem-only account.
Compromised account stats:
Reputation: 40
Followers: 1
Account creation: 7/2021
Last social action on chain: 2021/7/10
Estimated account value: $ 0.03
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
My security disclosures for Hive:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Ā plan
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Ā plan
Keys-Defender features:
- Keys protection [live scan of transfers/posts/comments/other_ops.
Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
To support this project..
- Curation trail:
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.
0
0
0.000
Your content has been voted as a part of Encouragement program. Keep up the good work!
Use Ecency daily to boost your growth on platform!
Support Ecency
Vote for Proposal
Delegate HP and earn more
How could this bot protect a posting private key on Steem?
It does because many users still share the same private keys on Hive (unless they changed their keys on either platform). The ultimate goal is to only protect Hive though.
Protected = user warned in multiple ways that they compromised their account
!HACKED @hanculture
Hiding tags in images? :)
https://scribe.hivekings.com/?url=https%3A%2F%2Fhive.blog%2Ftest%2F%40guest123%2Ftest-424452b6df14c
Thank you for your report. The HACKED-USER domain [hanculture"] was already in the banlist. - @keys-defender
Hey. Can you check this profile -> https://hive.blog/@eleynesmb
Mass spamming 'You win some bullshit, please click the link"