❗❗❗ 💀💀 ⚠️⚠️
It's a new day and another user leaked one of their private keys into the Steem Blockchain.
They COMPROMISED their...
private MEMO key
HOW: in a transfer operation
The compromised account owner has NOT been notified since it's a Steem-only account.
Compromised account stats:
Reputation: 48
Followers: 8
Account creation: May 2021
Last Post: 11 days ago
Estimated account value: $ 5.34
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
My security disclosures for Hive:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban lists
Future development: plan
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban lists
Future development: plan
Keys-Defender features:
- Keys protection [live scan of transfers/posts/comments/other_ops.
Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
!BEER
!LUV
!ENGAGE
Your content has been voted as a part of Encouragement program. Keep up the good work!
Use Ecency daily to boost your growth on platform!
Support Ecency
Vote for Proposal
Delegate HP and earn more
Hi, @keys-defender I am reaching to you because I am afraid I might have a security comprimise when using https://3speak.tv and you seem knowledgeable about Hive blockchain security.
The SSL certificate seems to be invalid, I have made a post about it to see if I can get some help, or even to know if it is just me:
https://hive.blog/hive-181335/@igormuba/issue-with-3speak-ssl-ceritificate-careful-with-phishing
I am waiting to use the platform when the issue is solved, but I am reaching out to you to see if you can help me understand what happened, if it is just me, or it is indeed a security compromise, or anything else or in between.
Thank you.
It was a temporary issue with their certificate, it likely expired. All good now.
ENGAGE
tokens.View or trade
BEER
.Hey @keys-defender, here is a little bit of
BEER
from @rentmoney for you. Enjoy it!Did you know that you can use BEER at dCity game to **buy dCity NFT cards** to rule the world.
@keys-defender, you were given LUV from @rentmoney. About: https://peakd.com/@luvshares https://ipfs.io/ipfs/QmUptF5k64xBvsQ9B6MjZo1dc2JwvXTWjWJAnyMCtWZxqM