<center>https://cdn.steemitimages.com/DQmRBQhwa1mKebp3zmT3i8CNPmDRMTcpwwfrWXAMEeWRDSR/image.png
</center>
<br>❗❗❗ 💀 ⚠️ 💀 ⚠️ ❗❗❗
It's a new day and another user leaked one of their private keys into the Hive Blockchain.
<div class="pull-right"><div class="pull-right">https://cdn.steemitimages.com/DQmXrgmkPidLgXtMvLHPYM44Gd32zayQ3ZuWKj3z6gAGRMj/image.png</div></div>
They COMPROMISED their...<h3><div class="phishy">private MEMO key</div></h3>
<div class="phishy"><b>HOW: in a <b><i>transfer</i></b> operation</b></div>
<br> The compromised account owner has now been notified in multiple ways. The identity of the user will be disclosed only in the monthly report in order to give them time to address the issue.
-----
-----
<div class="pull-right">https://steemitimages.com/640x0/https://i.pinimg.com/236x/60/a7/0b/60a70b92165f10376d3d64c357fc7577--the-matrix-keanu-reeves.jpg</div>
<h4 class="mindystore19-h">Compromised account stats:</h4>
- <b>Reputation:</b> 25
- <b>Followers:</b> 0
- <b>Account creation:</b> 10/2021
- <b>Last social action on chain:</b> <i>none</i>
- <b>Estimated account value:</b> <e class="phishy">$ 0</e>
-----
<div class="pull-left"><br><h4>Top 5 private <i>ACTIVE</i> keys protected:</h4></div>
<div class="pull-right">
<sub>1. <i>@</i>nextgen622: </sub><b><a href="https://hive.blog/hive/@keys-defender/weekly-report-12-1-compromised-account-s-successfully-recovered">~$ 28,000</a></b>
<sub><br>2. <i>@</i>cryptoandcoffee: </sub><b><a href="https://hive.blog/security/@keys-defender/weekly-report-30-2-accounts-leaked-in-the-past-7-days">~$ 8,400</a></b>
<sub><br>3. <i>@</i>runridefly: </sub><b><a href="https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275">~$ 3,300</a></b>
<sub><br>4. <i>@</i>globalmerchantio: <a href="https://hive.blog/hive/@keys-defender/weekly-report-13-2-compromised-account-s-successfully-recovered">~$ 250</a></sub>
<br><sub>5. <i>@</i>j3dy: <a href="https://hive.blog/hive-139531/@keys-defender/success-keys-defender-s-itg-actively-protected-a-compromised-wallet-with-500-hive-for-9-days"><b>~$ 120</b></a> (500 HIVE automatically protected for 9 days)<br><br></sub>
</div></div>
-----
<div class="pull-right">
<sub><b>My security disclosures for Hive:</b></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@gaottantacinque/stored-xss-vulnerability-in-one-of-the-hive-frontends">XSS vulnerabilities in #########.com</a></sub></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@gaottantacinque/defacement-phishing-vulnerability-in-one-of-the-most-used-hive-tools">XSS vulnerabilities in hive-db.com</a></sub>
<br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/xss-found-in-one-of-drako-s-websites-will-add-details-after-it-s-patched">XSS vulnerabilities in scribe.hivekings.com</a></sub>
<br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/hiveblockexplorer-com-is-vulnerable-to-stored-xss">XSS vulnerabilities in hiveblockexplorer.com</a></sub>
<br>- <sub><a href="https://hive.blog/steemit/@gaottantacinque/steemit-got-hacked">Malicious ads redirecting all Steemit iOS users to a phishing site</a></sub>
<br>- <sub><a href="https://hive.blog/security/@gaottantacinque/steemit-chat-is-unsafe">Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page</a></sub>
</sub>
<br><br>
<sub><b>Other contributions:</b></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@keys-defender/phishing-on-hive-no-more-solution-for-all-frontends">Universal script to prevent phishing in all Hive frontends</a></sub></sub>
<br><sub>- <sub><a href="https://peakd.com/hive-169321/@keys-defender/new-commands-and-ban-lists">Commands for community reports and ban/mute lists</a><br><br></sub></sub>
<br><sub>Future development: <sub><a href="https://peakd.com/hive-169321/@keys-defender/re-keys-defender-qtca68">plan</a><br><br></sub></sub>
<br><sub>Last (bi)monthly report: <sub>https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323</sub></sub>
</div>
<b>Keys-Defender features:</b><div class="pull-left">
<div>
- <sub><a href="https://hive.blog/steem/@gaottantacinque/the-keys-defender-bot-is-live-in-beta-mode"><b>Keys protection</b></a><sub> [live scan of <i>transfers</i>/<i>posts</i>/<i>comments</i>/<i>other_ops</i>.
Warnings (<a href="https://steemit.com/newlife/@keys-defender/re-julymae07-ngswhenapplicablesub-1618660173474">reply</a> and <a href="https://hiveblocks.com/tx/893bc2fda6e5e6689595fbaa386b845749cba0a4">memo</a>), auto-transfers to savings <a href="https://peakd.com/hivedev/@keys-defender/keys-defender-development-update-v1-2-1-released">until fully restored</a>, auto-reset of keys, ..] {see automatic <a href="https://hive.blog/hive-138876/@keys-defender/keys-defender-compromised-posting-key-successfully-detected">posts on leak</a> and <a href="https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275">monthly reports</a>}</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive/@keys-defender/new-feature-phishing-detection-and-auto-reply"><b>Phishing protection</b></a>
<sub>[live scan of comments and posts to <a href="https://peakd.com/hive-129496/@keys-defender/antiphish-keys-defender-bot-1616855688427">warn users</a> against known <a href="https://peakd.com/hive-138876/@keys-defender/new-phishing-wave-do-not-fall-for-it-there-is-no-mainnet-launch">phishing campaigns</a> and compromised domains or <a href="https://hive.blog/hive-193552/@keys-defender/antiphish-keys-defender-bot-1618583136062">accounts</a>, <a href="">scan of memos</a> and auto-replies, anti phishing countermeasures - eg. <a href="https://peakd.com/hivedev/@keys-defender/script-to-fill-a-phisher-s-database-with-thousands-of-false-positives">fake credentials</a>]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hivedev/@keys-defender/new-feature-added-to-keys-defender-plagiarism-detection"><b>Re-posting detection</b></a>
<sub>[mitigates the issue of re-posters]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf"><b>Code injection detection</b></a>
<sub>[live scan of blocks for malicious code targeting dapps of the Hive ecosystem]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive-192847/@keys-defender/anti-spam-efforts"><b>Anti abuse efforts</b></a>
<sub>[counteracts <a href="https://hive.blog/hive-192847/@keys-defender/anti-spam-efforts">spam from hive haters</a> and <a href="https://hive.blog/hive-169321/@gaottantacinque/10-line-script-that-anyone-can-use-to-downvote-abuse-help-counteract-ongoing-farming-on-hive">milking campaigns</a></a>]</sub></sub>
<br><br>
</div>
</div>
-----
<div class="pull-right"> <a href="https://discord.gg/SXuwsH7"> <sub><sub>Discord chat</sub></sub> <br><img src="https://images.hive.blog/DQmSFrtHjrjsR3y5R6SuBJLcDG9iQYtVebsBdpRHS3YwAgv/image.png"></a></div>
<div class="pull-left"><h5>To support this project..</h5>
<div class="pull">https://images.hive.blog/DQmWmRN7k741DbkG5jL19Y5h1H5tqhpHLJUtGiTgPUy3C4y/image.png</div>
</div>
<center>
<div class="pull">
<div class="pull">
- <b><sub>Delegations:</sub></b><br>
<sub><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=10%20HP">10</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=50%20HP">50</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=100%20HP">100</a> <br><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=500%20SP">500 HP</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=1000%20SP">1000 HP</a></sub></div>
</div>
<div class="pull">- <b><sub>Curation trail: </sub></b>
<sub><sub>Follow <a href="https://hive.vote/dash.php?trail=keys-defender&i=1">my curation trail on hive.vote</a> to upvote all my posts with a fixed weight.</sub></sub></div>
</div>
</center>
hiveblocks