Leak -- Compromised MEMO key successfully protected
βββ π β οΈ π β οΈ βββ
It's a new day and another user leaked one of their private keys into the Hive Blockchain.
They COMPROMISED their...
private MEMO key
HOW: in a transfer operation
The compromised account owner has now been notified in multiple ways. The identity of the user will be disclosed only in the monthly report in order to give them time to address the issue.
Compromised account stats:
Reputation: 25
Followers: 0
Account creation: 8/2021
Last social action on chain: 1969/12/31
Estimated account value: $ 151.43
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
My security disclosures for Hive:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Β plan
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Β plan
Keys-Defender features:
- Keys protection [live scan of transfers/posts/comments/other_ops.
Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
To support this project..
- Curation trail:
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.
0
0
0.000
!discovery 25
This post was shared and voted inside the discord by the curators team of discovery-it
Join our community! hive-193212
Discovery-it is also a Witness, vote for us here
Delegate to us for passive income. Check our 80% fee-back Program
This is misleading:
What would you suggest I change it to?
compromised, yes
protected? not at all
it's just an attempt that was made to contact account the owner, nothing more than that
and that's fine, because nothing more than that could be done
it's just wrong to call it protected because it's way too late for that
victim might thing that's OK to just change it on time, but for example all past communication that used such key (i.e. messages encrypted with that memo key) are forever public since the very moment that key leaked
I agree.
Should I change it to βMEMO key leak damage successfully mitigated/reducedβ ?
Or what else?
No, that doesn't make sense.
There's no forward secrecy, once leaked, it's over.
With the active key (where consequences can be much worse as it controls finances) it is ironically much simpler, because first you could tell looking at account history if there were funds movements between leak and the moment key was changed.
In case of memo key you just know that it happened and you can do nothing but just let owner know.
It doesn't protect them, it just inform them (if successful at all) about the fact.
I see what you mean now. Their past encrypted messages are leaked forever, that's a good point.
Your content has been voted as a part of Encouragement program. Keep up the good work!
Use Ecency daily to boost your growth on platform!
Support Ecency
Vote for Proposal
Delegate HP and earn more