❗❗❗ 💀💀 ⚠️⚠️
It's a new day and another user leaked their private keys into the Steem Blockchain.
They accidentally COMPROMISED their...
private POSTING key
HOW: in a account_update2 operation published to the Steem blockchain.
The compromised account owner has NOT been notified since it's a steem only account (so it cannot have the same keys on Hive).
Compromised account stats:
Reputation: 25
Followers: 0
Account creation: October 2020
Last Post: n/a
Estimated account value: $ 0.00
What does this bot do?
- Keys protection[live scan of transfers / posts / comments / other_ops, auto-transfers to savings, auto-reset of keys, ..] {see automatic posts on leak and weekly reports}
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti spam efforts [counteracts spam from hive haters]
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Anti spam efforts [counteracts spam from hive haters]
My security disclosures:
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page