New features: extended phishing protection, preview and scan of shortened links

2 new features added to @keys-defender:

Logs




New feature # 1. Shortened URL preview & scan
This defense mechanism helps to prevent users from being tricked into navigating to a malicious site (eg. phishing, malware).



Example: (on Steem - my testing playground)

image.png

So, as per screenshot above, the unfurled URL gets also checked against the known phishing domains as if the link in the comment/post was not shortened to begin with.

At the moment, the preview is automatically generated for the following URL Shorteners:

- https://tinyurl.com/
- https://goo.gl/
- https://bit.ly/
- https://ow.ly/
- https://buff.ly/
- https://is.gd/
- https://adf.ly/
- https://bit.do/
- https://rb.gy/
- https://rebrand.ly/
- https://polr.me/
- https://b.link/
- https://t2m.io/
- https://gestyy.com/
- https://zpr.io/


More will be added in the future.

Furthermore, comments and posts that include links using http instead of https will now get a warning too.
To prevent spamming, this comment gets out only 1 out of 10 times since apparently many users share HTTP (no HTTPS) links.

Example: (on Steem - my testing playground)

image.png

NOTE: feedback is welcome! Please let me know if it gets too spammy and I'll reduce these type of comments even further!
(As per screenshots, users can already prevent future comments replying OFF if they're bothered by it)


New feature # 2. Since recently a few Hive users fell victim of a phishing campaign on Steem, I decided to proceed with protecting Steem users that still have the same private keys on Hive. 👉 👉


This is also the first step into not providing my services for steem users: steem accounts that do NOT have the same keys on Hive won't be notified by this bot when they come across a link that is flagged as phishing in my database.

So.. sorry, this feature is only for Hive users. Steem users, you already have Justin Sun taking care of you and making sure you are safu! (lol)

See also my last post on @gaottantacinque for more details and a code snippet you can re-use in your project for the same purpose.




5:50 AM, time to sleep!! 🙈🙈 Take care, @keys-defender / @gaottantacinque
         


UPDATE 1:

  • Added whitelist of shortened URLs. Eg. Actifit uses 2 bit.ly links in all their automated posts.
  • While the shortened urls preview and scan feature was working well on steem, it seems to have some issues here on hive as some of the requests required in its steps fail due to node issues. Will investigate further and work around those with a temporary patch. PS. Decided for the time being to remove the checks to prevent multiple replies when the author edits a post/comment containing a shortened URL. Will bring it back when the nodes issues are gone.


UPDATE 2

  • The auto-replies with the shortened URLs previews got a couple of OFF as reply so I decided that until I preview all shortened links in the post in a single message and keep in the cache users that I recently notified, I will only preview shortened links in comments and not in posts. This should reduce the clutter by one order of magnitude.
  • Auto-replies for HTTP links reduced from 1/10 to 1/20 to further reduce spam.


UPDATE 3

  • HTTP notifier updated to check whether automatic redirection to https is in place for the http links it finds. If it is, the user does not get notified as it's already safe. In all the other cases the user gets notified: the http link does not work, its https site exists but the https redirection is not in place, its https site exists but it errors out.
  • Now periodically (every hour) retrieving and checking against @guiltyparties's list of phishing/compromised domains..

image.png

..and phishing users..

image.png

..in order to counteract these threats!!

Example of discord notification for known phished users' activity

image.png


 


To support this bot..
                                       
- Delegation links:
10, 20, 30, 40 HP
50,100, 200 HP,
500 HP, 1000 HP
- Curation trail
Follow my curation trail on hive.vote to upvote all my posts with a fixed weight.

20 Comments