SCAM ALERT and WHITE HAT COUNTER-STRIKE

in steemit •  last year

Two phishing initiatives are spreading on Steemit!

Scam description

The targeted victims receive a transfer of a small amount of money. In the memo, there is a poisoned link in an attempt to steal their information.

The first attack started 2017-10-04 13:00:24 and stopped 2017-10-05 01:31:39.
It looks like this:

The second attack started 2017-10-09 18:41:03 and it is still active. Here an example:

Up to now, around 1 thousand phishing exploit have been generated!

White Hat in action

Several posts have already been published on Steemit in order to inform the users about the potential risk of such an attack. The problem is that the victims of this attempted theft of information may not have seen or read these posts.

Therefore, I decided to create a bot that uses the same technique as the attackers: the bot sends a warning message to all the victims using their wallet.

Long term reaction

The bot will run 24x7 and can be easily updated to react to new attacks.

If you notice any new suspect activity like the one described above, drop a comment on this post, contact me on steemit.chat or via Telegram (@VIM_Arcange)

I will not let these scammers rot the platform and with impunity steal naive users .

Thanks for reading!


UPDATE 1

@lovelygirl is also sending scam payments

The Warning-Bot will now monitor this account.

UPDATE 2

I published an update of the story here - Phishing exploit has been stopped - Scammers thwarted!


footer created with steemitboard - click any award to see my board of honor

Support me and my work as a witness by voting for me here!


If you like this post, do not forget to upvote and resteem

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

There is another asshole who opened up an account @blocktradess with two "s" trying ( and succeeding) in capturing some fat finger funds sent to @blocktrades with one "s" for exchanging.

·

It's always interesting to look at wallets and guess who possible culprits can be:



·
·

That was a phat loot!

·
·

Agreed mandrea could be that asshole !

·

Damn. Thanks for warning. i recently used blocktrades and be doubly sure. Now, better be triply sure than sorry.

·

There is a phishing account for most of the whale, for example - @jerrybanfeild -a phishing account for @jerrybanfield

·
·

what the hell i mean seriously ? :/ why people doing this ? wont they believe in Balance of GOD ? at the end ? at the grave ?

·
·

what ???

·
·
·

Yes @swaraj Im glad you brought that up, I also today just found @papa-peper (instead of teh REAL @papa-pepper ) and then@bittreex instead of @bittrex and then @polinix and @polinicks or something like that i cant remember the poloniex one but it was funny, sounded like how rednecks pronounce "Poloniex" its supposed to be Po Lo Knee Ex PoLoNee Ex not polinecks like some people pronounce it LOLOL

Anyway the @jerrybanfeild thing is funny, when his name is spelled Field with an I before E except after C (and V and a bunch of other exceptions...psh... that saying is sooo unhelpful when learning to spell in English.....

Anyway So who is this mandrea asshole? Can we not get his fucking blocktrades account blocked? cant we make it so when he tries to send money to bittrex or poloniex we have @poloniex @bittrex @blocktrades or @openledger intercept it, and return it to its rightful owner who can be proven by the people who sent any money to @blocktradess ALSO we should use CONSENSUS to simply take over this account. We should all take a vote, and include in the next hard fork a code that simply changes the password for that account or just removes the name OR just delete the account or disables it, for good, and credits the victims with that money, but seems like its too late and mandrea has already send that money to an exchange ? or no?
these people think they can get away with this shit, but one day in the future we will show them that they cannot. Sure they can have the freedom to accept accidental money in this manner but the community also has the right to do something about it

As soon as this fucker @mandrea tries to fucking send money to an exchange we should warn the exchange and have them confiscate the coins there has to bea way to do this.... or to hard fork this account into teh hands of real block trades and just use consensus to disable this fucjking scam account

·
·
·
·

Where there is money,there will be scams. Yes there should be some way to block these account.

·
·
·
·
·

@inertia in steemspeak.com told me that if you do enter one of these Knowing Phising scam accounts accidental into Steemit wallet, the walet dialogue Box will Warn you in red letters that it is a scam account and not to send there, (just like when you type in an exchange withoyt a memo, ) but tjey can only warn you and not prevent ou, but I would like an extra dialogue box maybe? Like even whenyou click yes send it makes you confirm and maybe even plays a short video explaining why you shouldnt send to these accounts?? I dunno we should just ..i know w cant stop peopl from sendingmoney to people saccounts in their wallets but we have to use consensus to show we have control over our own blockchain when it comes to scamers flooding wallets woth spam, we will have some solutions however, and its good this all hapened SONER rather than latwr, we wont wanna onboard millions of users only to end up with a situation with millions of users getting scammed using phishing attacks which would have never happend on a centralized platform like facebook ow teiotter where no accounts sending links like that would be up for long but that does happen on facebook and instagram etc, we cannot delete transactions from he walet history BUt we have to implement a way to , without the chrome extension (extra info steemit) to actually filter out the wallet transactions and its scarey to think anyone with bad intent can take advantage of our free transaction fee to Gum up the sytem and slow it down by spamming from one account and its really sucky! We WILl find solutions to these possible future escalations of current problems! Oh I love steemit so Much I feel Like im working in cryptography during orld war 2 or something!

Anyway discord chat steemspeak.com is liek a 24/7 text and voice chat with images videos GIFs and even @curiosity bot by @gyzimo which lets you send or recieve SBD to yoru steemit account as tips all there in teh chat! Ive already earned 5 SBD from just hanging out in teh chat which is amazing considering I didnt have to post anything! Mostly thanks to @instructor2121 Thanks for raining down SBD on the chat with @curiosity bot!

·
·
·
·
·
·

I think better solution would be something like KYC where you are verified but not sure if its too late for that. Could you please provide me the link to steemspeak discord channel? Thanks

·
·
·
·
·
·
·

haha fuck KYC kyc sucks its just an exxcuse for more control! and AML anti money laundering that is juys another excuse to control stuff

http://steemspeak.com u should come in here!

·

Could these be the cause of recent DDOS attack on Steemit because of which Steemit was down ? Just a thought ?

·

Terrible!

·

Thats correct and we need to be careful not fall prey to those....

Thank you @onceuponatime

·

The problem is downvoting them wont make them stop this assholes activities ? then how is there any option to direct ban there accounts Ip's ?

Thank you for solving this @arcange. I am @samstonehill and for the moment have been forced to another account. Was not aware they were using my account for this purpose now.

Your solution is perfect and exactly what I suggested when I explained this situation yesterday: https://steemit.com/steemit/@samstonehilltube/samstonehill-has-been-hacked-and-cannot-be-re-accessed-how-did-this-happen-and-what-are-the-solutions

Had I seen a message like this in my wallet next to the scammers message, clearly I wound't have made this mistake.

Thank you for highlighting these issues and spreading the word.

Am still keeping my fingers crossed that I will be able to confirm my identity directly with Steemit and regain control of my account.

The hackers are currently flagging me from my own account on everything I write in the new account. Not sure what they have against me?

I've just voted for you as Witness. And if I get my main account back I will do it from there too :)

Thank you for your great work.

·

Hey @samstonehilltube, sad to read you got hacked and had to restart from scratch.
Hard learned lessons are sometimes the best.

The hackers are currently flagging me from my own account on everything I write in the new account.

He is doing the same on me, but as he is a noob and burned all his voting power, not really hurting.

Not sure what they have against me?

Unfortunately for your ego, I think he absolutely doesn't care about you.
He just want to express his frustration being thwarted ;)

Thanks a lot for your witness support!
I wish you all the best!

·
·

Many thanks for putting my ego in place. My missus has to regularly :)

He must be a rather sad individual. Still, you have done a great thing here and I intend to write a post on this subject. The community reaction to this situation has been amazing. @timcliff has already changed the wording for the registration process so that others don't make the mistake I made.

Clipboard - October 9, 2017 6-54 PM.png

In my new account I have received so many donations today from awesome generous people.

And going through all the comments to my latest post, it is so encouraging to feel the passion of this platform.

Thank you for playing your part!

·
·
·

In general, I don't like bots. But today I want to thank you @arcange for giving me this great example how bots can be used for good. Counter-attack is a great tool in addition to a general advice to newbiess how to keep themselves secure.
Today I wrote a separate post advising my 1400+ followers what dangers they maybe facing here, and how to avoid em.
Together we are stronger than those scammers (sorry, but my coding skills are next to zero, so I can not make any bot like yours)
@samstonehilltube I will keep my eye on your new acct , will try to help recovering on this new acct as much as I can

·
·
·

Just for the record, I was going to change it but when I went to make the change, the wording in the screen shot was already there.

·
·
·
·

I want to take this opportunity to personally thank you and @arcange, for your assistance to @samstonehill in recovering his account. I am proud that I selected you as a witness and @arcange. You are both what I think one part of the witness program is all about, helping and supporting the users during crisis situations such as this and all the hard work you both did during the ddos attack. Thank you for your support of the Steemit community. both of you.

·
·
·
·

WE need to get 2fa added for added security as well .
Damn the inconvenience. You know what is inconvenient. Losing all your STEEM and loyal followers.

·
·
·
·
·

I am not aware of a way 2fa can be implemented at the blockchain level.

·
·
·
·
·
·

If it's possible to have 1 factor authentication, it's possible to have 2 factors. We already have this in a limited form via posting keys vs master keys.

·
·
·
·
·
·
·

Someone smarter than me will need to explain how it is possible with the blockchain technology. I am not sure how it could be done.

·
·

I want to thank you and @timcliff for all the assistance you both provided @samstonehilltube in recovering his original account @samstonehill. He was trying to bring a little bit of light to the evacuees in Bali because of the volcanic activity there when this happened. It is nice to see that things worked out for him thanks to you two.

Thank you for your help!

Thank you so much for doing this for the community!

I think it is good to bring these kinds of scams to the attention of the Steemit community. It looks to me like they are targeting power users. The motive is to steal money. There is a small clue that this is a hoax. The scammer is using a gmail address. We have to be skeptical of all such communications and think twice before replying.

It is very generous of you to use your own money to help defend people in the same forum. How much is this costing you? (I guess it depends on the number of scam messages being sent).

·

Scammer stopped his exploit when he s noticed counter-strike, so it din't cost too much
Up to now, sent 846 warnings ... affordable ;)

This posts have been re-blog.
Thank you for your post @arcange

Thanks a lot for exposing the subterfuges! They tried to get me too... Luckily, I didn't click on anything and followed the inherent wisdom that seemed to be calling me not to open it.

Namaste :)

·

I felt that too. And it was FEAR, tiredness and feeling under pressure in that moment which led me to ignore my instincts. I posted the full story yesterday:

https://steemit.com/steemit/@samstonehilltube/samstonehill-has-been-hacked-and-cannot-be-re-accessed-how-did-this-happen-and-what-are-the-solutions

Really hope my mistake doesn't negatively affect others.

·
·

I would like to challenge you on that last statement. How others feel is their responsibility. What does negatively effecting others even mean? On the contrary. Your mistake is HUGELY BENEFICIAL to others because you are sharing it. It's helping me tighten up my security.

·
·
·

I was thinking about the hackers using my account now to trick further people. The number of followers and high rep works to their advantage by making people think they are authentic.

But you are right of course, what has happened here will ultimately lead to improved security features on the site and heightened awareness of the importance of security for all!

Thanks again for your support Danny ;)

·
·

"Experience" is the name we give to our mistakes!

·
·
·

You said it. Always learning. And for sure this experience has taught me much!

Good deed goes a long way.
Why why.
Thank you for giving a helping hand.
Resteemed
Keep on steemit and protected steemit

·

I will do. Thanks for you comment

Hey arcange,
Very interesting read, Thanks you for sharing it!

I think I read samstonehill got scammed and I saw this message somewhere too.

·

More reasons to try to protect others users.

·
·

people are so desperate, why don't they invest their energy providing value and creating informative contents instead of doing evil activities like this??

·

It's all very nasty. Yet look around this thread / post and the goodness is amazing. Thanks all for posting your experiences no matter what. I learn so much from these posts, they are invaluable.

Yeah, I think sam account got hacked, and the scammer use sams account to get more victims.

It's terrible that this can happen to people who have such a large amount of steem, or any amount for that matter. Hopefully as a community we can figure this out and keep everyone's accounts safe

This is horrible I don't even think that there's a kind of people like this. These are people that really want an instant money for their own good. Well anyway thank you for sharing this atleast i'm aware now and will resteem this post to my friends to prevent spreading.

When I first arrived on steem it ( not so long ago ) I received a message from a @jones420
with a simular propsition

·

Thanks for notifying.
I made some analysis and indeed, this account looks suspect and is not trustful.
I will add it to the Warning-Bot list.

·

Reported here

wow, we owe you major for this, my friend

Great idea. I feel bad for anyone who falls for this stupidity, but sadly people still need reminders to not do stupid things online. I appreciate your efforts here.

·

Thanks mate!

·

I have done some really idiot things online..... most of them at poloniex and bittrex though. Painful yes, but not embarrassing, not yet anyway. My problem has been the infamous FOMO.
Now I follow everything @arcange post because that FOMO should be shared by us all.
#SafetyPatrol

thanks for sharing :)

Thank you so much for your post!
Upvoted and resteemed!

·

Thanks for spreading the new!

That is how you handle THAT! Great work. You have saved many people from unwittingly falling for the scam. I see that you just started the bot. Just curious, what order does the bot choose? From 1st to most recent? Alphabetical? Rep?

·

The bot is processing from oldest transaction to recent one.
Then it will monitor each new transaction.

Thanks for sharing and educating those that are not aware. We need alert Steemians who can recognize these scammers and uncover their cheating acts on others.
Thanks
@jackpot

This post alone deserves a witness vote for you. While other witnesses are trying to charge $50 for a new account, others are doing work like this. Do the right thing people!

·

Thank you for your support! Appreciated =)

·
·

A pleasure, apologies for being 'late' with the witness vote for you.

Thank you @arcange !! I am stupid enough to fall for this! thank god it was only 2SBD as i just want to test it first.

You also took the hassle to send me a memo. A worthy witness!!!! got my vote.

I knew something is wrong. @lovelygirl i'm coming for you!!!

·

Thank you so much for your witness vote! Appreciated =)

This is what we need now a counter attack... worth to become my witness.

·

Thank you so much!

Hi @arcange, I've been following your posts for a month now. You're doing an amazing job without missing any opportunity to serve the community. The current post is another fine example in this regard.

You're a saviour!

This post should be shared by all the readers. It will help many to protect their accounts from this scammer. Just gave it my shout out.

Keep sharing, caring and inspiring. Stay awesome dear @arcange. You earned my respect.

Steem On!

·

Thanks for you warn comment. Really encouraging.

Hey @arcange the whole Steemit community salutes you for the non stop effort to make steemit great and safe for everyone.
Thank you brother for this post, resteemed and followed.
Follow me @oodeyaa

Thanks for warning. There is a phishing account for most of the whale.

Thank you @arcange! I upvoted your other post as well and as I say there, you've got my vote for witness!

·

Thank you for your support and you witness vote!

Thank you so much for this information. I really hate those opportunist who have nothing to do but steal and scam users. Why can't they just do something good from their talent?

worthy of a witness vote... so many witnesses are worthy... I will have to search through my list and see if any aren't quite up to it

·

Yes, many witnesses are doing their best to promote Steemit and help users.
Thanks for your support. It is really appreciated!

·

You have my witness vote too for this @arcange and your daily statistics - thank you.

Thanks for all the work there. Much appreciated. Have been seeing your wonderful works for steemit. Not much support but you have my witness vote :)

·

Thank you for your comment and witness vote!

Excellent way to advertise on a SCAM

But I think in addition to the creation of that bot, it would be useful to enable a word filter system, to detect "MEMO" words like "Account" and "Blocked", and block transactions timely while someone assigned personally checks the memo and discards it or authorizes it, being able to cancel accounts of Scammers directly, as well as preventing transactions from being received by potential (unsuspecting) victims.

Thanks for sharing @arcange

regards

Omar I just recently found your channel and I been digesting all your content, in fact I only had 4 hours of sleep last night and the 1st thing I did was resume reading all your blog posts and watching your videos. I don`t know how to describe it but I feel connected and see my self in you in the beginning on your videos, once again I read these type of posts by you and always giving back to the community. Thank you sir! PS I see now this post was promoted my Omar, still leaning steemit. But many thanks none the less to you OP!!

Thank you for the info sir.
Can I ask? How can I know my account already hacked or how can I know that was a phishing?
Thank you.

·

How can I know my account already hacked

It doesn't look like your account has been hacked as you are pretty new to the platform.

how can I know that was a phishing?

A bit of paranoia will help. Do no give your trust to fast and perform basis verification.

Thank you for your warning @arcange. Almost lost money there

Thanks for the information

strike.....?

·

Striked out! The exploit stopped =)

Your post caught the eye of @jbbasics in a Steem drive-by. It received a 50.00 % upvote from @steemcondenser. Steem on my friend!

Thanks for the warning mate.

How we protect our account @arcange . And how we know we are under attack ????

Thanks for alarming as we all will be careful in the future. Please upvote me.
https://steemit.com/official/@rizwanphe/main-cash-book

nice one! keep it up.

This is incredible. The people in this community that will help others and make useful robots. 🙏

·


This one is also a useful robot, and it helps a lot.
Unfortunately, I'm not skilled enough to build one for Steemit :/

thank you very much for share.

Thank you for your help

Thank you!

Thanks you so much for your warning and effort on creating a warning bot !

Bro thanks for this information, am just speechless as to how people will and damage people. Am following you to keep abreast of things like this am new to this platform and hope to make the best out it. Am resteeming it too though my follower are few but it will still go a long way in spreading it further. Thanks and God bless.

Thanks for the warning. I have just joined the site, so you can imagine my fear.

Thanks for sharing! Upvoted and resteemed!

I got one of those, thought it was a scam.

Thank you very much

Keep up the great work @arcange!

Yes, I understand

Very helpful! thanks for sharing... Resteemed
everyone should be informed about this ... and interestingly, you are the first article I find on this subject!
THANKYOU THANKYOU SO SO MUCH!

·

You're welcome =)

Thank you for routing this one out.

Wow, this is great! Wish this action could have been taken when I first reported it to steemcleaners. I guess they are overburdened, but we need prompt actions in phishing attempts. Thanks for doing this, this will save many...

Thanks for informing and posting this useful alert.

Thank you for the information it's great that positive action has already been taken to rid this site of such scams. May the community grow stronger!

Much appreciated. Have been seeing your wonderful works for steemit.

I was thinking if there is a way to block their accounts apart from flagging them and making their reputation go negative

·

Making their reputation negative won't block them. Just adding a "sign of suspicion" next to their name.
But, when you get such notification in your wallet, the reputation of the sending account is not displayed.

Good job. I hope this doesn't get too expensive for you. Money transfers has turned into public direct messaging. What if in say the interface the devs of Steemit hide by default hide transfers smaller than one Steem Dollar? If you run an public rpc node I would vote for you as a witness. That's my criteria.

·

Money transfers has turned into public direct messaging

No need to hide small transfer but implement a decent messaging or, even better, Instant Messaging. This is something Steemit.com really lacks of.

Regarding my witness, I run a public seed node at steem-seed.arcange.eu. Therefore, your witness vote is welcome ;)

someone registered bittrexx. Someone sent the account 5000+ Steem accidentally.

·

Nothing we can do against that except informing/educating users.
Mis-typed name squatting exploit has already partially been addressed by steemit.com
But one could use another client to do transfers, even on command line using cli-wallet.
Not doing thing in a hurry and double-checking before pushing the send button is the best practice to adopt.

·
·

I whole heartedy agree. You would think someone throughing around so much steem could afford to buy a computer with a real physical keyboard.

thank you for your work! appreciating! will def follow you and check your account every time I login steem so I can feel safe.

Damn. Thanks for the warning.

Finally, someone standing up for the community. Many of us are new here and don't have any idea on how to deal with threats like these. Thank you, you are doing an outstanding job.

·

Many of us are new here and don't have any idea on how to deal with threats like these.

If you follow the simple rules I published in this post, you should be safe.

·
·

I will surely have a look at your post. Thankss

Thanks for the heads up.

Up-voted and re-steemed

Awesome solution! I was trying to flag their account, but since it's a wallet message and not a post I couldn't find a way to do so. This message should help thwart their attempts at phishing. voted and resteemed!

·
·
·

Wow, that twat face @accounttransfers is down voting all the comments. Fuck you asshole.

Thanks for sharing...

Why can’t these phony accounts that are trying to scam people just be removed?

·

Because this is a decentralized system

thanks for the info! Resteemed.

This needs to be stopped. I made a Dutch translation to warn the Dutch-speaking audience.

I would suggest others do the same for other languages.

Thanks for the intel, I usually don't even notice these things.

thanks for informing.. :)

Great post and awesome whit hat bot you've got. Given you my witness vote. #keepsteeming

I have voted for you as a witness. Thanks for this tool, resteemed! I'm interested in writing bots; is your source open? Thanks!

Thanks boss

What is the most efficient way for regulars users to protect themselves?

Thanks for this service!

Great job @arcange. Thank you.

But I know samstobehill, did his account get hacked then? I went and looked at his page and he transfered you .001 asking why you were spreading lies about him, yet sure enough... He has sent s bunch of people messages about their account being blocked.. so I'm wondering what's going on...

Thank you so much for doing that and for providing this info. I'm out of upvotes, re-steemded

It's surprising something like this was not already in place, thanks !

Whoohooohh!! Go anti corruption bot!!

Thanks so much for the PSA! I’ve always wanted to do white hat/vigilante stuff, but so far lack the technical knowledge. Anyway, it’s cool to see someone actually doing this kind of thing. Keep up the good work and I hope this comment makes you feel appreciated for your work.

Thanks for the heads up! Its good to have people like you around with the right know how and willing to help the community

Omg scary thank u so much for sharing this post it’s nice to know someone is trying to protect us on Steemit thanks again xx

Hi @arcange, I got this one about 3 hours back:

3 hours ago Receive 0.001 SBD from boostupvote the Best Resteem service! VERY LOW RATE Boost your post! Send MINIMUM bid = 0.200 SteemDollar and put your post in memo. I wil resteem as soon resteem over 2500+ FOLLOWERS

·

Thanks for notifying. I will check this account.

This is another kind of attack used alert guys

Thanks a lot friend for giving such kind of useful information
@umajeed86

I got scammed by @lovergirl. Thanks for highlighting this, especially seeing that you have way more reach than I do.

its a hoax clearly

thanks for this. im new to steem and i keep seeing these scams popping up.
HA

Wow, thanks for for sharing.. I'm brand new around here so its great to have this warning up front. Greatly appreciated :)

·

Thank you and good luck on Steemit.

You're amazing @arcange! Thank you so much for putting an automatic warning system in place. What jerks! I can't imagine any amount of anything that is worth compromising integrity. So lame.

Thanks for the heads up! We can't be 'hacked' if we've noticed some random acc put small amount of funds in our acc right? Just don't click on any links or make any downloads yeah?