βββ π β οΈ π β οΈ βββ
It's a new day and another user leaked one of their private keys into the Hive Blockchain.
They COMPROMISED their:
private POSTING key
HOW: in a account_update2 operation
The compromised account owner has now been notified in multiple ways. The identity of the user will be disclosed only in the monthly report in order to give them time to address the issue.
Compromised account stats:
Reputation: 25
Followers: 0
Account creation: 8/2021
Last social action on chain: none
Estimated account value: $ 0.00
Top 5 private ACTIVE keys protected:
1. @nextgen622: ~$ 28,000
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
2. @cryptoandcoffee: ~$ 8,400
3. @runridefly: ~$ 3,300
4. @globalmerchantio: ~$ 250
5. @j3dy: ~$ 120 (500 HIVE automatically protected for 9 days)
My security disclosures for Hive:
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Β plan
Last report: https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323
- XSS vulnerabilities in #########.com
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
Other contributions:
- Universal script to prevent phishing in all Hive frontends
- Commands for community reports and ban/mute lists
Future development: Β plan
Last report: https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323
Keys-Defender features:
- Keys protection [live scan of transfers/posts/comments/other_ops.
Warnings (reply and memo), auto-transfers to savings until fully restored, auto-reset of keys, ..] {see automatic posts on leak and monthly reports}
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
- Phishing protection [live scan of comments and posts to warn users against known phishing campaigns and compromised domains or accounts, scan of memos and auto-replies, anti phishing countermeasures - eg. fake credentials]
- Re-posting detection [mitigates the issue of re-posters]
- Code injection detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti abuse efforts [counteracts spam from hive haters and milking campaigns]
To support this project..
- Curation trail:
join my curation trail to upvote all my posts with a fixed weight.
- Downvote trail:
join my downvote trail to follow my downvotes on security threats and abuse.
- VOTE for our WITNESS !! Β Β Β Β
Β
Browser-based Β play-to-earn Β 3D Shooter on HIVE
Discord Β Β Twitter Β
This is extremely valuable work! Great job on this. Thanks to @ganjafarmer for showing me that this type of service exists. π
Thanks, much appreciated. Exactly tonight I resumed some development to make this even better and offer more services π π
Sweet! You're doing great work out here. I'm in awe of the some of the great minds on Hive, and glad to be in such company.
Spoiler: why limit such services to the Hive chain and not to its sidechains? π
Of course! I got a lot of friends here and sharing love and knowledge is something that I'm really happy to do.
Thank you for watching and helping others. You deserve a vote and a follow.
Id love to be tagged in any more alerts that you do. Excellent work! And positivity!
Absolutely love that!
@freecompliments
Something like this can definitely save someone's livelihood, especially if they invest a lot here or if this is their primary source of income. Safeguards like this are what will help bolster adoption of cryptocurrency by the masses.
Indeed, this bot saved some big accounts β