❗❗❗ 💀💀 ⚠️⚠️
It's a new day and another user leaked one of their private keys into the Steem Blockchain.
They COMPROMISED their...
private POSTING key
HOW: in a COMMENT operation published to the Steem blockchain.
The compromised account owner has now been notified in multiple ways. The identity of the user will be disclosed only in the monthly report in order to give them time to address the issue.
Compromised account stats:
Reputation: 30
Followers: 9
Account creation: March 2021
Last Post: 15 hours ago
Estimated account value: $ 0.00
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
What does this bot do?
- Keys protection[live scan of transfers / posts / comments / other_ops. Auto-transfers to savings, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of commentsa and posts to warn users against known phishing campaigns and compromised domains, scan of memos]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti spam efforts [counteracts spam from hive haters]
- Phishing protection [live scan of commentsa and posts to warn users against known phishing campaigns and compromised domains, scan of memos]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti spam efforts [counteracts spam from hive haters]
My security disclosures:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
rewards test, no mention
!phishing https://phisherssuckalotoflemons.com/login.php
Thank you for your report, entry added to @keys-defender's database of phishing domains.
no mention, dupe
!phishing https://phisherssuckalot.com/login.php
Thank you for your report. The PHISHING domain "phisherssuckalot.com" was already in the banlist. - @keys-defender
!SCAM https://exchange.pancakeswap-finance-pools.site/#/swap
Thank you for your report. The SCAM domain [exchange.pancakeswap-finance-pools.site"] was already in the banlist. - @keys-defender