@keys-defender activity report for the month of APRIL
K E Y S P R O T E C T I O N:
PRIVATE KEYS LEAKS protected:
1. @farooq2923
- Chain:
Steem(steem only account 👎) - Type: Posting key
- Operation in which the account was leaked: post edit
Leaked account stats:
- Estimated Account Value: $ 19.73- Reputation: 50
- Followers: 8
- Account age: Joined March 2021
- Chain: Hive (hive only account)
- Type: Posting key
- Operation in which the account was leaked: account_update
Leaked account stats:
- Estimated Account Value: $ 0.00- Reputation: 16 (reputation nuked by myself - intentional leak [can be exploited by phishers] and shady account - likely farming)
- Followers: 1
- Account age: Joined April 2021
- Chain: Hive (hive only account)
- Type: Posting key
- Operation in which the account was leaked: account_update
Leaked account stats:
- Estimated Account Value: $ 0.00- Reputation: 19 (reputation nuked by myself - intentional leak [can be exploited by phishers] and shady account - likely farming)
- Followers: 3
- Account age: Joined April 2021
- Chain: Hive (Hive only account 😎)
- Type: Memo key
- Operation in which the account was leaked: transfer
Leaked account stats:
- Estimated Account Value: $ 64.00- Reputation: 57
- Followers: 23
- Account age: Joined March 2021
5. @julymae07
- Chain:
Steem(Hive and Steem account) - Type: Posting key
- Operation in which the account was leaked: post
Leaked account stats:
- Estimated Account Value: $ 3.56- Reputation: 41
- Followers: 192
- Account age: Joined Jan 2018
6. @cutepets
- Chain: Hive (hive account only)
- Type: Posting key
- Operation in which the account was leaked: account update
Leaked account stats:
- Estimated Account Value: $ 6.55- Reputation: 12 (reputation nuked by myself - intentional leak [can be exploited by phishers] and shady account - likely farming)
- Followers: 0
- Account age: Joined April 2021
NOTE: @keys-defender still scans the STEEM blockchain because your private keys are shared across the two chains unless you reset your password at https://wallet.hive.blog/@your-username-here/password!
active keys: // todo
memo keys: // todo
owner keys: // todo
PHISHING LINKS detected (and auto-replied to): 62❗
April has been a heavy month for phishing too. The attacker that started his phishing waves in February continued at the beginning of April too. Eventually he got discouraged on Hive likely because my bot started replying automatically to any new phishing wave they started on Hive. They continued on Steem for a few days (and @keys-defender there defended only steem accounts that still shared keys with hive) and after a few days they stopped there too, likely satisfied with the funds they stole.
CODE INJECTIONS detected on Hive: 3
Just false positives, no harmful code was injected:
- https://hiveblocks.com/@benny.blockchain/cb-202113320 - @benny.blockchain
- https://hive-db.com/block/52803505 - just @louis88 testing in his community
- https://hiveblocks.com/@b0t5-t3sting/i-really-hope-that-this-post-is-not-hidden-because-i-want-all-your-private-keys - myself
- https://hive-db.com/block/52808725 - myself
- https://hiveblocks.com/test/@brutalisti/test - @brutalisti
UNSAFE LINKS detected:
- HTTP links: 24.9/h -> ~17,928/month. Auto-replies/warnings throttled 1/20.
- Shortened links: 24.9/h -> ~17,928/month. Auto-replies/warnings throttled 1/20.
This month fewer HTTP links and more shortened links..
NOTE: links that do not use a secure protocol (https) and shortened links (eg. bit.ly) are NOT a threat per se but can lead to theft of credentials if misused or used in a malicious attack.
O T H E R A C T I V I T I E S: --> This section will eventually be moved to @hive-defender
Confirmed re-posting authors: 1 ✔️
My bot detected 2 suspicious deletions by this user that eventually got discovered being a multi-account plagiarist:
https://hive.blog/hive-146620/@hivewatcher/qsf99d
Downvotes of @keys-defender (and its trail) against abusers:
Accounts:
not available at this time
@keys-defender currently follows the hiveflagreward team's downvote trail
@keys-defender is downvoting: farming waves, phishing waves, old hive haters that are active again (but not spamming the chain with vomit and dick pics, at this time)
I lost a couple of followers due to this incident (anti-farming feature abused to create chaos).
Followers of my downvote-trail: 8 (plus their own trail - about $ 10 downvote power in total) -> PLEASE JOIN
DEVELOPMENT UPDATE:
I started working on new features but they are still under testing. They'll likely be released in may/june.
Future development:
In a nutshell my current priorities are:
- Mute lists and tests in testing community using @key-defender.shh - waiting for @blocktrades's fix in hivemind to be released.
- Formula to counteract exact votes (plus UI?) -- ** deferred **
- Universal script to use new banlists. + other improvements + PR for condenser
- Allow community to remove entries from ban lists
- pwnd emails check (quick feature)
- Abuse reports (rewarded) and separate abuse lists (plagiarism, farming, etc)
- Tech-only proposal to cover expenses ??
- Old (huge) backlog. Eg. bug fixes ( boring.. =] ).
😎
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban lists
Keys-Defender features:
- Phishing protection [live scan of commentsa and posts to warn users against known phishing campaigns and compromised domains, scan of memos]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
To support this project:
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.
If you like what I'm doing please upvote, delegate 👆 or auto-vote 👆 my posts. Thx! 😊