@steemengineteam Leading Lambs to the Slaughter
@steemengineteam has allowed their website to be compromised or are colluding with bad actors (not to be confused with the legitimate site https://steem-engine.com/ , for future reference if you are creating a dapp pick a unique name for your future dapps so there will not be confusion like this). @steemengineteam does not use a secure method to have users plug in their keys so they are easily hacked or "sold" in order to be abused by accounts like @fiftysats or @superheroes
@steemengineteam is using stolen keys to upvote their auto generated spam posts which add no value to STEEM Blockchain. Since they are either colluding with @fiftysats and @superheroes (and possibly others) they are now a confirmed scam. The link they provide on their profile is a confirmed scam. It's dangerous for anyone to follow that link. @steemcleaners , @steemflagrewards @ocdb @theycallmedan @aggroed @buildawhale please look into this as it may be a big rabbit hole of stolen keys and unsavory actors which will continue to perpetuate unless a real solution is found.
as soon as @fiftysats was found out they started posting the same style posts (same verbiage etc) as @superheroes . Once @superheroes figures out they have been discovered they will just set up or activate another "sleeper" account. A big and obvious clue is someone posting every hour and receiving 1000+ votes for spam. How can this continue to be tolerated? Isn't there an algorithm to easily spot these types of scams?
1 suggestion I have is to automatically change the lesser keys each quarter or 6 months in order to ensure the security and validity of the use of those keys. Yes it might be a little inconvenient but when people end up leaving the blockchain with permissions in place then those stolen keys can be used in perpetuity. However if they are reset every now and then , the abuse will be automatically limited and finite in their ability to steal. The master password would always remain the same and can be used to retrieve new keys when they are reset. We need a long term solution to this type of scam otherwise these thieves will just set up another account and reap the benefits until they are caught and then continually repeat the process.
This is not a "set it and forget it" blockchain even though you can automate operations. Nothing is guaranteed and Hardforks happen and policies and procedures adapt as well. In the next Hardfork, "stolen and abused keys" needs to be addressed.
Now this is public record and I have done what I can. I hope those with Power can squash these thieves. At the moment @superheroes and @steemengineteam are laughing at us and will continue their abuse. They say we are weak and say they can continue this scam forever and there's nothing we can do about it. If this is true then the future for STEEM does not look very bright. Everyone here should be absolutely outraged that this has been going on for so long right under our noses in plain obvious sight.
If you recognize any active member of STEEM voting these accounts have them change their keys since their accounts are compromised until a more permanent solution can be found.
100% rewards going to @steemflagrewards for their response on the @fiftysats and @superheroes accounts. Now lets plug the leak and not allow new or naive users continue to sign up on @steemengineteam unsecured website.