āāā šš ā ļøā ļø
It's a new day and another user leaked their private keys into the Hive Blockchain.
They accidentally COMPROMISED their...
private POSTING key
HOW: in a post creation operation published to the Hive blockchain.
NOTE: the same post got pasted and published on steem as well and the user still shares keys across the 2 platforms.
The compromised account owner has now been notified in multiple ways.
Compromised account stats:
Reputation: 56
Followers: 561
Account creation: September 2017
Last Post: today
Estimated account value: $ 16.48
What does this bot do?
- Keys protection[live scan of transfers / posts / comments / other_ops, auto-transfers to savings, auto-reset of keys, ..] {see automatic posts on leak and weekly reports}
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
My security disclosures:
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page