Fighting phishing on Hive - 2 solutions to better deal with phishing on Hive. Your feedback is needed.


In this post I would like to bring together the thoughts I have had over the course of today. I was thinking about how to improve the security of every user on Hive. Right now there are constantly ongoing phishing attacks here on Hive. I am very sorry that a German-speaking member of the community became a victim of such a phishing/scam attack this morning.

For many months the attacker's approach has always been the same. A website is set up that pretends you can quickly pick up your airdrop or something similar. A fake version of the HiveSigner tool is used, where the data is not compared with the blockchain in the background, but the entries end up in plain text in the attacker's database. Once you have entered your data there, things move very quickly. The account is changed on the Steem chain as well as, in our case, on Hive. In most cases, a new password is immediately set for the account, all liquid funds are sent out and a power-down is initiated. If you have "only" entered your active key, then at least something can still be saved. An account recovery is appropriate here. But if the victim still has his recovery account set to "steem", it's over. As we know, Justin Sun or someone from Steem will not bother to perform an account recovery for Hive users.

All this is repeated because the attacker / phisher now has a larger collection of "real" accounts in his control. Conversely, this means that the attacker uses the newly gained accounts to write more phishing comments on the blockchain and thus the whole thing takes on ever greater proportions.

And this is where I started to think about how to provide at least a little more security for the Hive community.

My idea for more security

When the phisher / attacker uses the accounts he has obtained without authorization to post comments, they are mostly posted under articles that are inside a community. As an administrator / moderator of a community, there is the possibility to manually put certain accounts on the "mute" list.

Current mute list of the German-speaking community @hive-121566

This function is great for hiding troublemakers, inappropriate content or even phishing within the community. This is not censored, but simply hidden. And that's fine!

You always have the possibility to view the comment by clicking on "Display comment". The comment from @happyfrog420 was automatically hidden after I put the user on the mute list of our community.

I have now also put the user who got hit this morning, @drhoofman, on the "Mute" list as a precaution. I know that the attacker has full control over the account and will soon post more phishing comments with @drhoofman's account.

@keys-defender and lists of known phishing accounts.

There is a great effort thanks to @keys-defender and some other great people to act quickly and efficiently against such phishing attacks. On our Discord, where all necessary information about currently ongoing phishing attacks and new phishing waves is gathered, we coordinate together how to act efficiently and in a targeted way against the phishing attacks. Questions will be answered very quickly!

And here comes a part of the solution to the problem we have.

Thanks for the quick and detailed answer @keys-defender! For now, I am only interested in one specific list. And that is the list of account names that are potentially at risk of writing more phishing content to the blockchain. These are primarily the accounts that "stupidly" entered their passwords on the phishing site and then, as a potential phishing victim, spread the shit on the blockchain. I assume that this list is by far the most current list of such hive accounts:

A list - And the responsibility of one's own community - The solution?

Now that we have a very large list of Hive account names that are known to post malicious content to the communities, it's time to take a big step. Now I don't know much technically about the new blacklist and personal mute lists on Hive that are being developed (@blocktrades, @howo) but there must be a way to use this list for your own community. I don't want to manually add every single person on the list to my community, but I want the mute list to expand automatically as soon as "unfortunately" someone new falls for the phishing crap and presents a clear danger to others.

Suggested solution 1

I, as the community leader and owner of the community's account with owner privileges, could give an account the Posting Permission or Active Permission to manage my community's "mute list" from the outside. Of course, this requires great trust in a service that handles this power very carefully and professionally. As an example, you could give the account "@keys-defender" the rights to manage the mute list within my community to make sure that new accounts distributing phishing are directly muted in the community.
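A sketch of what such a delegated service would do on each run, as an added example that is not code from this post or from @keys-defender. It assumes the Hive communities `setRole` operation (a `custom_json` with id `community`) and only builds the operations; signing and broadcasting are left out, and all account names in the sample data are constructed.

```python
import json
import re

# Simplified sanity check for Hive account names (3-16 chars, dot-separated
# segments of lowercase letters, digits and hyphens); not the full chain rule.
SEG = "[a-z][a-z0-9-]+[a-z0-9]"
ACCOUNT_RE = re.compile(r"(?=.{3,16}$)" + SEG + r"(?:\." + SEG + r")*")

# Accounts holding these community roles are never muted automatically.
PROTECTED_ROLES = {"owner", "admin", "mod"}


def plan_mute_ops(community, acting_account, phishing_list, current_roles):
    """Return (ops, skipped): setRole ops for accounts that still need muting,
    and (name, reason) pairs for entries that need a human to look at them."""
    ops, skipped, seen = [], [], set()
    for raw in phishing_list:
        name = raw.strip().lstrip("@")
        if name in seen:
            continue  # duplicate list entry
        seen.add(name)
        role = current_roles.get(name, "guest")
        if not ACCOUNT_RE.fullmatch(name):
            skipped.append((name, "invalid account name"))
        elif role in PROTECTED_ROLES:
            skipped.append((name, "has role " + role + ", review manually"))
        elif role != "muted":
            payload = ["setRole", {"community": community,
                                   "account": name, "role": "muted"}]
            ops.append(["custom_json", {
                "required_auths": [],  # no active authority needed
                "required_posting_auths": [acting_account],
                "id": "community",
                "json": json.dumps(payload),
            }])
    return ops, skipped


if __name__ == "__main__":
    # Constructed sample input: a phishing list and the community's roles.
    listed = ["@phished-alice", "phished-bob", "trusted-mod", "old-spammer"]
    roles = {"trusted-mod": "mod", "old-spammer": "muted"}
    ops, skipped = plan_mute_ops("hive-121566", "keys-defender", listed, roles)
    print(json.dumps(ops, indent=2))
    print("needs review:", skipped)
```

Because every operation lists only `required_posting_auths`, a service built this way never needs the active permission mentioned above, and the skip list keeps a compromised moderator account from being demoted without a human decision.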

Proof of Concept

Suggested solution 2

In the community administration settings, e.g. at PeakD or Hive.Blog, there would be a check box that the administrator of a community can activate to automatically mute the accounts on the list of known phishing accounts.

Proof of Concept

First and foremost, I want there to be a central place that each community can activate or not when needed. It is ultimately up to each community owner if they want to take this step. I think it only makes sense if there is such an extension for the experience within a community to a) make the user experience as good as possible b) improve the security of the users on Hive.

A call to the community leaders!

I'm calling you - community leaders of the most used communities on Hive! Do you want to fight phishing and scam? Please leave me your feedback in the comments on these suggested solutions and let's discuss if this is a way to stop the phishing shit on Hive.

Leofinance Community: @khaleelkazi @leofinance
Gems Community: @bluemist
HIVE CN 中文社区 Community: @sweetsssj
Foodies Bee Hive Community: @foodiesbeehive @foodiesunite
Hive Gaming Community: @hivegc @strawhat @acidyo
Haveyoubeenhere Community: @martibis
Photography Lovers Community: @derangedvisions
Nerday Community: @nerday
Project HOPE Community: @project.hope @juanmolina @crypto.piotr
OCD Community: @acidyo
Hive Book Club Community: @macchiata
OnChainArt Community: @midlet
DTube Community: @dtube
Actifit Community: @mcfarhat
Threespeak Community: @theycallmedan @starkerz @threespeak @sisygoboom
Cervantes Community: @cervantes

Thank you very much. I look forward to constructive feedback on those ideas I had.

Peace ✌️
