EOS911 - An initiative to help the victims of phishing attacks ("register-eos or similar phishing methods")

If you believe you're a victim of phishing attacks, join the [EOS911 - Emergency] Telegram group: https://t.me/EOS911

More and more EOS token holders have been reporting they registered their key via phishing sites. This channel will serve as a space for the victims of phishing attacks to voice their issues so that we can organically work out a resolution.

June 12 - Report on the Google form (those who completed the form can now see the results): EOS 911 - Support for victims of phishing attacks

So far, here are the EOS public keys that are in dispute (no further investigation has been done on these accounts yet):

Analyzing the responses (Sample size: 25):

Most respondents have their addresses mapped, but they do not seem to hold the correct EOS key pair.

Most of the victims still have access to their ETH account (the one they used to map the EOS key).

Most respondents discovered the issue when the private key they hold could not activate their accounts.

There are multiple examples of phishing attacks, but the most commonly used process seems to be:

  1. The victim enters their ETH public key.

  2. The interface derives an EOS key pair with 2 different private keys from that ETH public key. Only one of them is legitimate, and that one was not shown on the website.

  3. The victim gets a fake private key that doesn’t match their EOS public key.
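The mismatch in step 3 can be detected offline before a public key is ever registered. The sketch below is an added example, not code from EOS42 or the EOSIO project: it derives the secp256k1 public key from a WIF private key and compares it with the key bytes inside an EOS public key string. Function names are hypothetical, the sample input is the publicly documented EOSIO development key pair, and Python 3.8+ is assumed.

```python
import hashlib

# secp256k1 field prime and generator (the curve behind both ETH and EOS keys)
P = 2**256 - 2**32 - 977
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58decode(text):  # both payloads here start with a nonzero byte
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-base58 character
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def point_add(a, b):  # affine addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    m = num * pow(den % P, -1, P) % P  # slope of the tangent or chord
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def pubkey_from_secret(secret):  # double-and-add, returns the 33-byte compressed key
    point, addend = None, G
    while secret:
        if secret & 1:
            point = point_add(point, addend)
        addend, secret = point_add(addend, addend), secret >> 1
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")

def secret_from_wif(wif):  # WIF = base58(0x80 + 32-byte key + 4-byte double-SHA256 checksum)
    raw = b58decode(wif)
    body, check = raw[:-4], raw[-4:]
    if len(body) != 33 or body[0] != 0x80:
        raise ValueError("not a 51-character WIF private key")
    if hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4] != check:
        raise ValueError("WIF checksum mismatch (typo or altered key)")
    return int.from_bytes(body[1:], "big")

def wif_matches_eos_pubkey(wif, eos_pub):  # True only if wif controls eos_pub
    if not eos_pub.startswith("EOS"):
        raise ValueError("expected an EOS-prefixed public key")
    # First 33 decoded bytes are the key; its 4-byte checksum is not verified here.
    return pubkey_from_secret(secret_from_wif(wif)) == b58decode(eos_pub[3:])[:33]

# Sample input: the publicly documented EOSIO development key pair (never use for funds).
DEV_WIF = "5KQwrPbwdL6PhXujxW37FSSQZ1JiwsST4cqQzDeyXtP79zkvFD3"
DEV_PUB = "EOS6MRyAjQq8ud7hVNYcfnVPJqcVpscN5So8BhtHuGYqET5GDW5CV"
```

A `False` result from `wif_matches_eos_pubkey` for a key pair handed out by a website means the private key shown does not control the public key being registered, which is the situation described in step 3.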


Working on a solution (still being discussed):

✅Victims of phishing attacks can use their ETH address (via proof of ownership, such as performing a transaction in the ETH account that you used to map your EOS key, digital identity auditing, Keybase, LinkedIn, etc.).

✅The goal is to raise awareness of this matter so that the BPs can reach consensus on freezing the accounts in dispute, to at least prevent the attacker from moving the funds before 15% of the tokens have been used to vote.

✅Further, cases will have to be processed by the ECAF (EOS Core Arbitration Forum) so that rulings can be made to command the BPs to roll back those funds to their legitimate owners.


Victims, please take 1-2 minutes to fill in the form:

🇬🇧English Version

🇰🇷Korean survey

🇨🇳EOS 911 - Support for victims of phishing sites; victims, please fill in this form

🚨Related GitHub issue: https://github.com/EOSIO/eos/issues/4030


EOS42 is an EOS Block Producer Candidate based in London, UK

Good stuff!
Luckily Steemit seems quite robust from a phishing pov.
I just wrote this article, would you mind giving it a look?
https://steemit.com/security/@gaottantacinque/steemit-security-check-iframe-tricks#comments
Many thanks :)

Nice article, worth reflecting about it..