THERE IS NO AIRDROP, IT’S A PHISHING CAMPAIGN!
Do not open that website, it will only try to steal your keys.
How the phishing campaign looks like:
65 replies were already automatically sent out by @keys-defender because (luckily) I manually blacklisted the domain used in the phishing campaign on steemit. This helped to limit the damage and hopefully, no one fell prey to it.
PS. it looks like they want to try and continue anyway..
Phishing accounts that the attacker used so far:
(more will likely be created)
'lassi', 'rubbii', 'ranaa', 'lawns',
'uzma1', 'bahadd12',
'samani', 'dowie', 'shappo',
(more will likely be created)
Automated notification for phishing links in my Discord:
...on fire 🔥 🔥 🔥..
UPDATE:
A new wave of phishing started today on Hive (after the attackers temporarily moved back to steem using a different shortened url that pointed to the same site).
The new PHISHING SITE is: kimberlyameyrealty.ga >>>>> DO NOT VISIT IT!!
Again, there is NO AIRDROP, it's a SCAM!
What does this bot do?
- Keys protection[live scan of transfers / posts / comments / other_ops, auto-transfers to savings, auto-reset of keys, ..]
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
- Phishing protection [live scan of blocks to warn against known phishing campaigns and compromised domains]
- Re-posting detection [mitigates the issue of re-posters]
- Code injections detection [live scan of blocks for malicious code targeting dapps of the Hive ecosystem]
My security disclosures:
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
- XSS vulnerabilities in hive-db.com
- XSS vulnerabilities in scribe.hivekings.com
- XSS vulnerabilities in hiveblockexplorer.com
- Malicious ads redirecting all Steemit iOS users to a phishing site
- Reverse tabnabbing and clickjacking in steem.chat and steeemit registration page
To support this bot..
