You are viewing a single comment's thread from:

RE: New feature: detection of malicious code in blocks [XSS, SQL INJECTION, CSRF]

in HiveDevslast year

If feeling_nasty then
do_bad_stuff_and_steal_keys

Will it pick that up :) This is good work as there will be bad actors out there. I would hope people are using things like Keychain to reduce the exposure of their keys, but many will not.

Thanks and have a !BEER

Sort:  

@steevc Well it looks like it didn't, you gotta be one of the good guys then 😉

It's not only about the keys this time. The purpose of this feature is to detect early attackers targeting websites and Apps in the Hive ecosystem trying to inject malicious code in blocks to see if it executes in the platform under test. It's a preventive measure that will allow us to know in a timely matter if someone is trying something funky and hopefully even discourage them too as their account name will immediately be known.

We have to be vigilant. With so much money at stake there are bound to be attacks. Thanks.