EOS911 - An initiative to help the victims of phishing attacks ("register-eos or similar phishing methods")
If you believe you're a victim of phishing attacks, join [EOS911 - Emergency] Telegram group: https://t.me/EOS911
More and more EOS token holders have been reporting they registered their key via phishing sites. This channel will serve as a space for the victims of phishing attacks to voice their issues so that we can organically work out a resolution.
June 12 - Report on the google form (those who completed the form can now see the results) : EOS 911 - Support for victims of phishing attacks
So far, here are the EOS Public Keys that are in dispute (no further investigation have been done on these accounts yet) :
Analyzing the responses (Sample size: 25):
Most of people have their addresses mapped, but they seem to not have the correct EOS key pair.
Most of the victims still have access to their ETH (the one they used to map the EOS key)
Most of the people discovered the issue when the private key they hold cannot activate their accounts.
There are multiple examples of phishing attacks. But in conclusion, the most used method/process seems to be:
The victim enter their ETH Public key.
Interface derives an EOS key pair with 2 different private keys from that ETH public key. Only one of them is the legitimate one which was not shown on the website.
The victim gets a fake private key that doesn’t match their EOS public key.
Working on a solution (still being discussed):
✅Victims of phishing attacks can use their ETH Address (Via proof of ownership such as: performing a transaction in your ETH account that you used to map your EOS key, digital identity auditing, keybase, LinkedIn, etc)
✅The goal is to bring more awareness about this matter so that the BPs can reach consensus on freezing the accounts in dispute to at least prevent the attacker from moving the funds before 15% of the tokens are being used to vote .
✅Further, cases will have to be processed by the ECAF (EOS Core Arbitration Forum) so that rulings can be made to command the BPs to rollback those funds to their legitimate owners.
Victims please take 1-2 mins to fill in the form:
🚨Related GitHub issue: https://github.com/EOSIO/eos/issues/4030
EOS42 is an EOS Block Producer Candidate based in London, UK