<center>https://cdn.steemitimages.com/DQmRBQhwa1mKebp3zmT3i8CNPmDRMTcpwwfrWXAMEeWRDSR/image.png
</center>
<br>❗❗❗ 💀 ⚠️ 💀 ⚠️ ❗❗❗
It's a new day and another user leaked one of their private keys into the ~~Steem~~ Blockchain.
<div class="pull-right"><div class="pull-right">https://cdn.steemitimages.com/DQmXrgmkPidLgXtMvLHPYM44Gd32zayQ3ZuWKj3z6gAGRMj/image.png</div></div>
They COMPROMISED their...<h3><div class="phishy">private MEMO key</div></h3>
<div class="phishy"><b>HOW: in a <b><i>transfer-to-savings</i></b> operation</b></div>
<br> The compromised account owner has NOT been notified since it's a Steem-only account.
-----
-----
<div class="pull-right">https://steemitimages.com/640x0/https://i.pinimg.com/236x/60/a7/0b/60a70b92165f10376d3d64c357fc7577--the-matrix-keanu-reeves.jpg</div>
<h4 class="babakyi-s">Compromised account stats:</h4>
- <b>Reputation:</b> 53
- <b>Followers:</b> 348
- <b>Account creation:</b> 2/2018
- <b>Last social action on chain:</b> 2021/10/1
- <b>Estimated account value:</b> <e class="phishy">$ 54.68</e>
-----
<div class="pull-left"><br><h4>Top 5 private <i>ACTIVE</i> keys protected:</h4></div>
<div class="pull-right">
<sub>1. <i>@</i>nextgen622: </sub><b><a href="https://hive.blog/hive/@keys-defender/weekly-report-12-1-compromised-account-s-successfully-recovered">~$ 28,000</a></b>
<sub><br>2. <i>@</i>cryptoandcoffee: </sub><b><a href="https://hive.blog/security/@keys-defender/weekly-report-30-2-accounts-leaked-in-the-past-7-days">~$ 8,400</a></b>
<sub><br>3. <i>@</i>runridefly: </sub><b><a href="https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275">~$ 3,300</a></b>
<sub><br>4. <i>@</i>globalmerchantio: <a href="https://hive.blog/hive/@keys-defender/weekly-report-13-2-compromised-account-s-successfully-recovered">~$ 250</a></sub>
<br><sub>5. <i>@</i>j3dy: <a href="https://hive.blog/hive-139531/@keys-defender/success-keys-defender-s-itg-actively-protected-a-compromised-wallet-with-500-hive-for-9-days"><b>~$ 120</b></a> (500 HIVE automatically protected for 9 days)<br><br></sub>
</div></div>
-----
<div class="pull-right">
<sub><b>My security disclosures for Hive:</b></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@gaottantacinque/stored-xss-vulnerability-in-one-of-the-hive-frontends">XSS vulnerabilities in #########.com</a></sub></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@gaottantacinque/defacement-phishing-vulnerability-in-one-of-the-most-used-hive-tools">XSS vulnerabilities in hive-db.com</a></sub>
<br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/xss-found-in-one-of-drako-s-websites-will-add-details-after-it-s-patched">XSS vulnerabilities in scribe.hivekings.com</a></sub>
<br>- <sub><a href="https://hive.blog/hive/@gaottantacinque/hiveblockexplorer-com-is-vulnerable-to-stored-xss">XSS vulnerabilities in hiveblockexplorer.com</a></sub>
<br>- <sub><a href="https://hive.blog/steemit/@gaottantacinque/steemit-got-hacked">Malicious ads redirecting all Steemit iOS users to a phishing site</a></sub>
<br>- <sub><a href="https://hive.blog/security/@gaottantacinque/steemit-chat-is-unsafe">Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page</a></sub>
</sub>
<br><br>
<sub><b>Other contributions:</b></sub>
<br><sub>- <sub><a href="https://hive.blog/hive-139531/@keys-defender/phishing-on-hive-no-more-solution-for-all-frontends">Universal script to prevent phishing in all Hive frontends</a></sub></sub>
<br><sub>- <sub><a href="https://peakd.com/hive-169321/@keys-defender/new-commands-and-ban-lists">Commands for community reports and ban/mute lists</a><br><br></sub></sub>
<br><sub>Future development: <sub><a href="https://peakd.com/hive-169321/@keys-defender/re-keys-defender-qtca68">plan</a><br><br></sub></sub>
<br><sub>Last monthly report: <sub>https://peakd.com/@keys-defender/monthly-report-june-july-august-2021-hive-13323</sub></sub>
</div>
<b>Keys-Defender features:</b><div class="pull-left">
<div>
- <sub><a href="https://hive.blog/steem/@gaottantacinque/the-keys-defender-bot-is-live-in-beta-mode"><b>Keys protection</b></a><sub> [live scan of <i>transfers</i>/<i>posts</i>/<i>comments</i>/<i>other_ops</i>.
Warnings (<a href="https://steemit.com/newlife/@keys-defender/re-julymae07-ngswhenapplicablesub-1618660173474">reply</a> and <a href="https://hiveblocks.com/tx/893bc2fda6e5e6689595fbaa386b845749cba0a4">memo</a>), auto-transfers to savings <a href="https://peakd.com/hivedev/@keys-defender/keys-defender-development-update-v1-2-1-released">until fully restored</a>, auto-reset of keys, ..] {see automatic <a href="https://hive.blog/hive-138876/@keys-defender/keys-defender-compromised-posting-key-successfully-detected">posts on leak</a> and <a href="https://hive.blog/hive/@keys-defender/successfullyprotected-1600122002275">monthly reports</a>}</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive/@keys-defender/new-feature-phishing-detection-and-auto-reply"><b>Phishing protection</b></a>
<sub>[live scan of comments and posts to <a href="https://peakd.com/hive-129496/@keys-defender/antiphish-keys-defender-bot-1616855688427">warn users</a> against known <a href="https://peakd.com/hive-138876/@keys-defender/new-phishing-wave-do-not-fall-for-it-there-is-no-mainnet-launch">phishing campaigns</a> and compromised domains or <a href="https://hive.blog/hive-193552/@keys-defender/antiphish-keys-defender-bot-1618583136062">accounts</a>, <a href="">scan of memos</a> and auto-replies, anti phishing countermeasures - eg. <a href="https://peakd.com/hivedev/@keys-defender/script-to-fill-a-phisher-s-database-with-thousands-of-false-positives">fake credentials</a>]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hivedev/@keys-defender/new-feature-added-to-keys-defender-plagiarism-detection"><b>Re-posting detection</b></a>
<sub>[mitigates the issue of re-posters]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf"><b>Code injection detection</b></a>
<sub>[live scan of blocks for malicious code targeting dapps of the Hive ecosystem]</sub></sub>
<br><i>-</i> <sub><a href="https://hive.blog/hive-192847/@keys-defender/anti-spam-efforts"><b>Anti abuse efforts</b></a>
<sub>[counteracts <a href="https://hive.blog/hive-192847/@keys-defender/anti-spam-efforts">spam from hive haters</a> and <a href="https://hive.blog/hive-169321/@gaottantacinque/10-line-script-that-anyone-can-use-to-downvote-abuse-help-counteract-ongoing-farming-on-hive">milking campaigns</a></a>]</sub></sub>
<br><br>
</div>
</div>
-----
<div class="pull-right"> <a href="https://discord.gg/SXuwsH7"> <sub><sub>Discord chat</sub></sub> <br><img src="https://images.hive.blog/DQmSFrtHjrjsR3y5R6SuBJLcDG9iQYtVebsBdpRHS3YwAgv/image.png"></a></div>
<div class="pull-left"><h5>To support this project..</h5>
<div class="pull">https://images.hive.blog/DQmWmRN7k741DbkG5jL19Y5h1H5tqhpHLJUtGiTgPUy3C4y/image.png</div>
</div>
<center>
<div class="pull">
<div class="pull">
- <b><sub>Delegations:</sub></b><br>
<sub><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=10%20HP">10</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=50%20HP">50</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=100%20HP">100</a> <br><a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=500%20SP">500 HP</a>, <a href="https://hivesigner.com/sign/delegateVestingShares?delegator=&delegatee=keys-defender&vesting_shares=1000%20SP">1000 HP</a></sub></div>
</div>
<div class="pull">- <b><sub>Curation trail: </sub></b>
<sub><sub>Follow <a href="https://hive.vote/dash.php?trail=keys-defender&i=1">my curation trail on hive.vote</a> to upvote all my posts with a fixed weight.</sub></sub></div>
</div>
</center>
hiveblocks