@guiltyparties and @hivewatchers (ie. @spaminator @steemcleaners) marked 3speak.co as a phishing website in one of the APIs that @keys-defender consumes. This was done in order to safeguard users because the .co domain was compromised.
- @3speak’s announcement: /@threespeak/announcement-3speakco-is-currently-down-switched-to-3speaktv
This temporary blacklist will remain in place until the issue is resolved. Please hang in there.
The downvotes were automated and we’ll try to remove them afterwards.
UPDATE: New posts using the old domain will now not be downvoted.
Clarifications from GP:
Got my 4-day old baby crying in my arms all day so I could not be on top of this.
- If you're marked as a phished account you'll get the auto-replies that warn other users ( example )
- If your post or the metadata of your post still uses the 3speak.co domain you'll get the auto-reply that warns other users about the compromised domain ( example )
Please reach out to the admins of their discord server so that they can decide whether to remove you from @spaminator's list of phished accounts:
- 3speak.co is still blacklisted: https://spaminator.me/api/p/domains.json
- The users that complaining about the warnings are indeed in the list of hacked accounts: https://spaminator.me/api/bl/hacked.json
- Old posts edited by users to use 3speak.tv still get the warning because the metadata still uses 3speak.co and that triggers the bot (as expected).
Changes that I just released:
- From now on the bot will check if the phished account message contains a link before replying (still risky because the attacker could just post a link like "new airdrop, visit: t.ly/air9" and users could copy and paste it)
- Added workaround for metadata issue
Take care, kd
Update - from hivewatchers discord:
Final update: the issue seems now resolved and the domain has been restored -> /@threespeak/important-announcement-we-have-control-of-all-top-level-domains-including-3speakco