Two phishing initiatives are spreading on Steemit!
Scam description
The targeted victims receive a transfer of a small amount of money. In the memo, there is a poisoned link in an attempt to steal their information.
The first attack started 2017-10-04 13:00:24 and stopped 2017-10-05 01:31:39.
It looks like this:
The second attack started 2017-10-09 18:41:03 and it is still active. Here an example:
Up to now, around 1 thousand phishing exploit have been generated!
White Hat in action
Several posts have already been published on Steemit in order to inform the users about the potential risk of such an attack. The problem is that the victims of this attempted theft of information may not have seen or read these posts.
Therefore, I decided to create a bot that uses the same technique as the attackers: the bot sends a warning message to all the victims using their wallet.
Long term reaction
The bot will run 24x7 and can be easily updated to react to new attacks.
If you notice any new suspect activity like the one described above, drop a comment on this post, contact me on steemit.chat or via Telegram (@VIM_Arcange)
I will not let these scammers rot the platform and with impunity steal naive users .
Thanks for reading!
UPDATE 1
@lovelygirl is also sending scam payments
The Warning-Bot will now monitor this account.
UPDATE 2
I published an update of the story here - Phishing exploit has been stopped - Scammers thwarted!
footer created with steemitboard - click any award to see my board of honor
Support me and my work as a witness by voting for me here!
There is another asshole who opened up an account @blocktradess with two "s" trying ( and succeeding) in capturing some fat finger funds sent to @blocktrades with one "s" for exchanging.
It's always interesting to look at wallets and guess who possible culprits can be:
That was a phat loot!
Agreed mandrea could be that asshole !
Damn. Thanks for warning. i recently used blocktrades and be doubly sure. Now, better be triply sure than sorry.
There is a phishing account for most of the whale, for example - @jerrybanfeild -a phishing account for @jerrybanfield
what the hell i mean seriously ? :/ why people doing this ? wont they believe in Balance of GOD ? at the end ? at the grave ?
what ???
Yes @swaraj Im glad you brought that up, I also today just found @papa-peper (instead of teh REAL @papa-pepper ) and then@bittreex instead of @bittrex and then @polinix and @polinicks or something like that i cant remember the poloniex one but it was funny, sounded like how rednecks pronounce "Poloniex" its supposed to be Po Lo Knee Ex PoLoNee Ex not polinecks like some people pronounce it LOLOL
Anyway the @jerrybanfeild thing is funny, when his name is spelled Field with an I before E except after C (and V and a bunch of other exceptions...psh... that saying is sooo unhelpful when learning to spell in English.....
Anyway So who is this mandrea asshole? Can we not get his fucking blocktrades account blocked? cant we make it so when he tries to send money to bittrex or poloniex we have @poloniex @bittrex @blocktrades or @openledger intercept it, and return it to its rightful owner who can be proven by the people who sent any money to @blocktradess ALSO we should use CONSENSUS to simply take over this account. We should all take a vote, and include in the next hard fork a code that simply changes the password for that account or just removes the name OR just delete the account or disables it, for good, and credits the victims with that money, but seems like its too late and mandrea has already send that money to an exchange ? or no?
these people think they can get away with this shit, but one day in the future we will show them that they cannot. Sure they can have the freedom to accept accidental money in this manner but the community also has the right to do something about it
As soon as this fucker @mandrea tries to fucking send money to an exchange we should warn the exchange and have them confiscate the coins there has to bea way to do this.... or to hard fork this account into teh hands of real block trades and just use consensus to disable this fucjking scam account
Where there is money,there will be scams. Yes there should be some way to block these account.
@inertia in steemspeak.com told me that if you do enter one of these Knowing Phising scam accounts accidental into Steemit wallet, the walet dialogue Box will Warn you in red letters that it is a scam account and not to send there, (just like when you type in an exchange withoyt a memo, ) but tjey can only warn you and not prevent ou, but I would like an extra dialogue box maybe? Like even whenyou click yes send it makes you confirm and maybe even plays a short video explaining why you shouldnt send to these accounts?? I dunno we should just ..i know w cant stop peopl from sendingmoney to people saccounts in their wallets but we have to use consensus to show we have control over our own blockchain when it comes to scamers flooding wallets woth spam, we will have some solutions however, and its good this all hapened SONER rather than latwr, we wont wanna onboard millions of users only to end up with a situation with millions of users getting scammed using phishing attacks which would have never happend on a centralized platform like facebook ow teiotter where no accounts sending links like that would be up for long but that does happen on facebook and instagram etc, we cannot delete transactions from he walet history BUt we have to implement a way to , without the chrome extension (extra info steemit) to actually filter out the wallet transactions and its scarey to think anyone with bad intent can take advantage of our free transaction fee to Gum up the sytem and slow it down by spamming from one account and its really sucky! We WILl find solutions to these possible future escalations of current problems! Oh I love steemit so Much I feel Like im working in cryptography during orld war 2 or something!
Anyway discord chat steemspeak.com is liek a 24/7 text and voice chat with images videos GIFs and even @curiosity bot by @gyzimo which lets you send or recieve SBD to yoru steemit account as tips all there in teh chat! Ive already earned 5 SBD from just hanging out in teh chat which is amazing considering I didnt have to post anything! Mostly thanks to @instructor2121 Thanks for raining down SBD on the chat with @curiosity bot!
I think better solution would be something like KYC where you are verified but not sure if its too late for that. Could you please provide me the link to steemspeak discord channel? Thanks
Could these be the cause of recent DDOS attack on Steemit because of which Steemit was down ? Just a thought ?
Terrible!
Thats correct and we need to be careful not fall prey to those....
Thank you @onceuponatime
The problem is downvoting them wont make them stop this assholes activities ? then how is there any option to direct ban there accounts Ip's ?
Thank you for solving this @arcange. I am @samstonehill and for the moment have been forced to another account. Was not aware they were using my account for this purpose now.
Your solution is perfect and exactly what I suggested when I explained this situation yesterday: https://steemit.com/steemit/@samstonehilltube/samstonehill-has-been-hacked-and-cannot-be-re-accessed-how-did-this-happen-and-what-are-the-solutions
Had I seen a message like this in my wallet next to the scammers message, clearly I wound't have made this mistake.
Thank you for highlighting these issues and spreading the word.
Am still keeping my fingers crossed that I will be able to confirm my identity directly with Steemit and regain control of my account.
The hackers are currently flagging me from my own account on everything I write in the new account. Not sure what they have against me?
I've just voted for you as Witness. And if I get my main account back I will do it from there too :)
Thank you for your great work.
Hey @samstonehilltube, sad to read you got hacked and had to restart from scratch.
Hard learned lessons are sometimes the best.
He is doing the same on me, but as he is a noob and burned all his voting power, not really hurting.
Unfortunately for your ego, I think he absolutely doesn't care about you.
He just want to express his frustration being thwarted ;)
Thanks a lot for your witness support!
I wish you all the best!
Many thanks for putting my ego in place. My missus has to regularly :)
He must be a rather sad individual. Still, you have done a great thing here and I intend to write a post on this subject. The community reaction to this situation has been amazing. @timcliff has already changed the wording for the registration process so that others don't make the mistake I made.
In my new account I have received so many donations today from awesome generous people.
And going through all the comments to my latest post, it is so encouraging to feel the passion of this platform.
Thank you for playing your part!
In general, I don't like bots. But today I want to thank you @arcange for giving me this great example how bots can be used for good. Counter-attack is a great tool in addition to a general advice to newbiess how to keep themselves secure.
Today I wrote a separate post advising my 1400+ followers what dangers they maybe facing here, and how to avoid em.
Together we are stronger than those scammers (sorry, but my coding skills are next to zero, so I can not make any bot like yours)
@samstonehilltube I will keep my eye on your new acct , will try to help recovering on this new acct as much as I can
Just for the record, I was going to change it but when I went to make the change, the wording in the screen shot was already there.
I want to take this opportunity to personally thank you and @arcange, for your assistance to @samstonehill in recovering his account. I am proud that I selected you as a witness and @arcange. You are both what I think one part of the witness program is all about, helping and supporting the users during crisis situations such as this and all the hard work you both did during the ddos attack. Thank you for your support of the Steemit community. both of you.
WE need to get 2fa added for added security as well .
Damn the inconvenience. You know what is inconvenient. Losing all your STEEM and loyal followers.
I am not aware of a way 2fa can be implemented at the blockchain level.
If it's possible to have 1 factor authentication, it's possible to have 2 factors. We already have this in a limited form via posting keys vs master keys.
I want to thank you and @timcliff for all the assistance you both provided @samstonehilltube in recovering his original account @samstonehill. He was trying to bring a little bit of light to the evacuees in Bali because of the volcanic activity there when this happened. It is nice to see that things worked out for him thanks to you two.
Thank you for your help!
Thank you so much for doing this for the community!
I think it is good to bring these kinds of scams to the attention of the Steemit community. It looks to me like they are targeting power users. The motive is to steal money. There is a small clue that this is a hoax. The scammer is using a gmail address. We have to be skeptical of all such communications and think twice before replying.
It is very generous of you to use your own money to help defend people in the same forum. How much is this costing you? (I guess it depends on the number of scam messages being sent).
Scammer stopped his exploit when he s noticed counter-strike, so it din't cost too much
Up to now, sent 846 warnings ... affordable ;)
This posts have been re-blog.
Thank you for your post @arcange
Thanks a lot for exposing the subterfuges! They tried to get me too... Luckily, I didn't click on anything and followed the inherent wisdom that seemed to be calling me not to open it.
Namaste :)
I felt that too. And it was FEAR, tiredness and feeling under pressure in that moment which led me to ignore my instincts. I posted the full story yesterday:
https://steemit.com/steemit/@samstonehilltube/samstonehill-has-been-hacked-and-cannot-be-re-accessed-how-did-this-happen-and-what-are-the-solutions
Really hope my mistake doesn't negatively affect others.
I would like to challenge you on that last statement. How others feel is their responsibility. What does negatively effecting others even mean? On the contrary. Your mistake is HUGELY BENEFICIAL to others because you are sharing it. It's helping me tighten up my security.
I was thinking about the hackers using my account now to trick further people. The number of followers and high rep works to their advantage by making people think they are authentic.
But you are right of course, what has happened here will ultimately lead to improved security features on the site and heightened awareness of the importance of security for all!
Thanks again for your support Danny ;)
"Experience" is the name we give to our mistakes!
You said it. Always learning. And for sure this experience has taught me much!
Good deed goes a long way.
Why why.
Thank you for giving a helping hand.
Resteemed
Keep on steemit and protected steemit
I will do. Thanks for you comment
Hey arcange,
Very interesting read, Thanks you for sharing it!
I think I read samstonehill got scammed and I saw this message somewhere too.
More reasons to try to protect others users.
counterstriking here a bit
people are so desperate, why don't they invest their energy providing value and creating informative contents instead of doing evil activities like this??
It's all very nasty. Yet look around this thread / post and the goodness is amazing. Thanks all for posting your experiences no matter what. I learn so much from these posts, they are invaluable.
Yeah, I think sam account got hacked, and the scammer use sams account to get more victims.
It's terrible that this can happen to people who have such a large amount of steem, or any amount for that matter. Hopefully as a community we can figure this out and keep everyone's accounts safe
This is horrible I don't even think that there's a kind of people like this. These are people that really want an instant money for their own good. Well anyway thank you for sharing this atleast i'm aware now and will resteem this post to my friends to prevent spreading.
When I first arrived on steem it ( not so long ago ) I received a message from a @jones420
with a simular propsition
Thanks for notifying.
I made some analysis and indeed, this account looks suspect and is not trustful.
I will add it to the Warning-Bot list.
Reported here
wow, we owe you major for this, my friend
Great idea. I feel bad for anyone who falls for this stupidity, but sadly people still need reminders to not do stupid things online. I appreciate your efforts here.
Thanks mate!
I have done some really idiot things online..... most of them at poloniex and bittrex though. Painful yes, but not embarrassing, not yet anyway. My problem has been the infamous FOMO.
Now I follow everything @arcange post because that FOMO should be shared by us all.
#SafetyPatrol
thanks for sharing :)
Thank you so much for your post!
Upvoted and resteemed!
Thanks for spreading the new!
That is how you handle THAT! Great work. You have saved many people from unwittingly falling for the scam. I see that you just started the bot. Just curious, what order does the bot choose? From 1st to most recent? Alphabetical? Rep?
The bot is processing from oldest transaction to recent one.
Then it will monitor each new transaction.
Thanks for sharing and educating those that are not aware. We need alert Steemians who can recognize these scammers and uncover their cheating acts on others.
Thanks
@jackpot
This post alone deserves a witness vote for you. While other witnesses are trying to charge $50 for a new account, others are doing work like this. Do the right thing people!
Thank you for your support! Appreciated =)
A pleasure, apologies for being 'late' with the witness vote for you.
Thank you @arcange !! I am stupid enough to fall for this! thank god it was only 2SBD as i just want to test it first.
You also took the hassle to send me a memo. A worthy witness!!!! got my vote.
I knew something is wrong. @lovelygirl i'm coming for you!!!
Thank you so much for your witness vote! Appreciated =)
This is what we need now a counter attack... worth to become my witness.
Thank you so much!
Hi @arcange, I've been following your posts for a month now. You're doing an amazing job without missing any opportunity to serve the community. The current post is another fine example in this regard.
You're a saviour!
This post should be shared by all the readers. It will help many to protect their accounts from this scammer. Just gave it my shout out.
Steem On!
Thanks for you warn comment. Really encouraging.
Hey @arcange the whole Steemit community salutes you for the non stop effort to make steemit great and safe for everyone.
Thank you brother for this post, resteemed and followed.
Follow me @oodeyaa
Thanks for warning. There is a phishing account for most of the whale.
Thank you @arcange! I upvoted your other post as well and as I say there, you've got my vote for witness!
Thank you for your support and you witness vote!
Thank you so much for this information. I really hate those opportunist who have nothing to do but steal and scam users. Why can't they just do something good from their talent?
worthy of a witness vote... so many witnesses are worthy... I will have to search through my list and see if any aren't quite up to it
Yes, many witnesses are doing their best to promote Steemit and help users.
Thanks for your support. It is really appreciated!
You have my witness vote too for this @arcange and your daily statistics - thank you.
Thanks a lot =)
You're welcome.
Thanks for all the work there. Much appreciated. Have been seeing your wonderful works for steemit. Not much support but you have my witness vote :)
Thank you for your comment and witness vote!
Thanks for the intel, I usually don't even notice these things.
thanks for alert
Thank you for your warning @arcange. Almost lost money there
Awesome solution! I was trying to flag their account, but since it's a wallet message and not a post I couldn't find a way to do so. This message should help thwart their attempts at phishing. voted and resteemed!
Thanks!
Wow, that twat face @accounttransfers is down voting all the comments. Fuck you asshole.
But I know samstobehill, did his account get hacked then? I went and looked at his page and he transfered you .001 asking why you were spreading lies about him, yet sure enough... He has sent s bunch of people messages about their account being blocked.. so I'm wondering what's going on...
Hi @arcange, I'm interest with your post. Can I translate your post to my language Indonesia?
Informative post
If I get 10,000 upvotes I'll post a video doing whatever the highest upvoted comment tells me to do!
thank you very much for share.
Thank you for routing this one out.
Thanks for sharing...
Thanks for the heads up! We can't be 'hacked' if we've noticed some random acc put small amount of funds in our acc right? Just don't click on any links or make any downloads yeah?
EXCELLENT.
That's a GOOD use of bots..
Congratulations @arcange! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOPNice post resteemed
Thank you for the info sir.
Can I ask? How can I know my account already hacked or how can I know that was a phishing?
Thank you.
It doesn't look like your account has been hacked as you are pretty new to the platform.
A bit of paranoia will help. Do no give your trust to fast and perform basis verification.
strike.....?
Striked out! The exploit stopped =)
Your post caught the eye of @jbbasics in a Steem drive-by.
It received a 50.00 % upvote from @steemcondenser. Steem on my friend!