🔑🦸‍♂️ [monthly report - March 2021]

in LeoFinancelast month (edited)









@keys-defender activity report for the past month


I've been on paternity leave so I managed to do a bit more than usual.. =]


 




K E Y S   P R O T E C T I O N:


PRIVATE KEYS LEAKS protected:



  • Chain: Hive (active only on hive 😎)
  • Type: Memo key
  • Operation in which the account was leaked: transfer_to_savings
Leaked account stats:
- Estimated Account Value: $ 10.64
- Reputation: 43
- Followers: 2
- Account age: Joined Feb 2021





 

  • Chain: Hive (hive only account)
  • Type: Memo key
  • Operation in which the account was leaked: transfer
Leaked account stats:
- Estimated Account Value: $ 30.03
- Reputation: 51
- Followers: 17
- Account age: Joined Nov 2020





 

  • Chain: Steem (steem only account 👎)
  • Type: Posting key
  • Operation in which the account was leaked: comment
Leaked account stats:
- Estimated Account Value: $ 30.03
- Reputation: 30
- Followers: 9
- Account age: Joined Mar 2021





 

  • Chain: Hive (Hive only account 😎)
  • Type: Memo key
  • Operation in which the account was leaked: transfer
Leaked account stats:
- Estimated Account Value: $ 7.64
- Reputation: 6
- Followers: 2
- Account age: Joined March 2021





 

  • Chain: Hive (Hive only account)
  • Type: Memo key
  • Operation in which the account was leaked: transfer
Leaked account stats:
- Estimated Account Value: $ 2.35
- Reputation: 34
- Followers: 3
- Account age: Joined Jan 2021





 

  • Chain: Hive (steem+hive account but active only on Hive 😎)
  • Type: Memo key
  • Operation in which the account was leaked: transfer to savings
Leaked account stats:
- Estimated Account Value: $ 6.55
- Reputation: 25
- Followers: 2
- Account age: Joined Nov 2019





 

  • Chain: Steem (steem only account 👎)
  • Type: Posting key
  • Operation in which the account was leaked: post edit
Leaked account stats:
- Estimated Account Value: $ 31.98
- Reputation: 48
- Followers: 3
- Account age: Joined Feb 2021









NOTE: @keys-defender still scans the STEEM blockchain because your private keys are shared across the two chains unless you reset your password at https://wallet.hive.blog/@your-username-here/password!


                posting keys: // todo
                active keys: // todo
                memo keys: // todo
                owner keys: // todo



 

PHISHING LINKS detected (and auto-replied to):   ~1384❗

image.png

It has been a heavy month for phishing. The attacker that started his phishing waves in February did not slow down in March.

Example 1: https://hive.blog/hive-138876/@keys-defender/there-is-no-airdrop-it-s-just-phishing
Example2: https://hive.blog/hive-138876/@keys-defender/new-phishing-wave-do-not-fall-for-it-there-is-no-mainnet-launch

Furthermore the 3speak domain theft happened and cause the site to be temporarily marked as phishing.

New features have been added in @keys-defender (and some more not disclosed in order to make the phishing prevention more effective) that revealed successful to reduce the impact of such attacks. Plus, hopefully most frontends will start/continue using my universal script to block dangerous domains and users. See the development updates section for more info!


   

CODE INJECTIONS detected on Hive:   2

Just false positives, no harmful code was injected:

image.png

 

UNSAFE LINKS detected:

The latter figure seems smaller this month, maybe because of the phishing campaigns
reminding users that shortened links looks phishy 🎣 (and my warnings on their posts about shortened links? =] )

NOTE: links that do not use a secure protocol (https) and shortened links (eg. bit.ly) are NOT a threat per se but can lead to theft of credentials if misused or used in a malicious attack.










O T H E R   A C T I V I T I E S:   --> will be moved to @hive-defender (👶👶👶👶👶)


Confirmed re-posting authors:   0 ✔️

Just some false positive that will be prevented in the future with an easy fix.

Hundreds of notifications were automatically sent to my discord server as suspicious shortening of posts body, but no actual findings were reported. I suspect that the volunteer that used to go through these suspicious edits stopped doing it because Hive Watchers stopped rewarding users for these type of reports. =[

some bug fixes are required as well


 

Downvotes of @keys-defender (and its trail) against hive-abusers:  
...thousands.. (I do not have accurate stats yet due to all the automated flags given the past month to farming and phishing waves)   ❗

Accounts:

not available at this time

 


Followers of my downvote-trail: 10 (plus their own trail - about $ 5 downvote power in total) -> PLEASE JOIN



What else has been going on in March..

  • Phishing waves...
    [when the attacker surrenders/stops/gets-arrested, I will reveal the additional defense put in place against him that has been effective in stopping him multiple times in the past couple of weeks as soon as he tried to start a new campaign 😎]

      1. https://hive.blog/hive/@hivewatchers/new-phishing-warning-no-usdhive-7th-anniversary-airdrop-or-or-nueva-advertencia-de-phishing-no-hay-airdrop-del-7o-aniversario-de

      2. https://hive.blog/hive-138876/@keys-defender/there-is-no-airdrop-it-s-just-phishing

      3. https://hive.blog/hive-138876/@keys-defender/new-phishing-wave-do-not-fall-for-it-there-is-no-mainnet-launch

image.png

 

 

DEVELOPMENT UPDATE:

 
OTHERS:

 

Future development:


See the posts above for more details.
In a nutshell my current priorities are:
( ...let's see how far I get today and tomorrow - will likely spend less time on this starting from next week, gotta do life stuff.. =] )

  1. @kd to follow hive-defender up-down/votes + notify discord of votes > 6.5 days
  2. Mute lists and tests in testing community using @key-defender.shh
  3. Formula to counteract exact votes (plus UI?)
  4. Universal script to use new banlists. + other improvements
  5. Allow community to remove entries from ban list
  6. Abuse reports (rewarded) and separate ban lists (plagiarism, farming, etc)
  7. Tech-only proposal to cover expenses??
  8. Old (huge) backlog. Eg. bug fixes ( boring.. =] ).
    😎



Keys-Defender features:

- Keys protection[live scan of transfers / posts / comments / other_ops. Auto-transfers to savings, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of commentsa and posts to warn users against known phishing campaigns and compromised domains, scan of memos]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]


To support this project..
   
- Delegation links:
10, 20, 30, 40 HP
50,100, 200 HP,
500 HP, 1000 HP
- Curation trail
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.

I do NOT receive funds through a proposal or running a node witness.
                                          If you like what I'm doing please upvote, delegate 👆 or auto-vote 👆 my posts. Thx! 😊

Sort:  

thank you for the heads up, good to see good ;)

Thanks for looking out!

You're welcome   =]