Joint Witness Update: @Anyx @Guiltyparties @Patrice

in witness •  4 months ago




As many of you already know, several @steemcleaners members run witnesses. This is a joint witness update for @anyx, @guiltyparties and @patrice. @Pfunk is also a witness and member.

For the last month we've focused on fighting phishing on the STEEM blockchain. We dedicated countless hours to routing out and neutralising the threats and to providing victims with assistance.

Development of Reporting Mechanisms

  • We have leveraged our existing Steemcleaners.org website and both our chats (Discord and steem.chat) to gather and evaluate reports of phishing links and infected accounts.

You can report phishing in three easy ways:

  1. Submit the Abuse Form https://steemcleaners.org/abuse-report/
  2. Contact us on Discord https://discord.gg/pQCnTjE
  3. Contact us on Steem.chat https://steem.chat/channel/steemcleaners-public

Development of Anti-Phishing Tools

  • @guard bot was developed to unfurl short-link URLs and seek out links to known phishing websites. This development was undertaken as a response to the criminals' use of shortlinks akin to bit.ly. The @guard bot unfurls these links, seeking out those pointing to phishing websites.
  • @mack-bot was adapted to flag phishing comments of accounts placed on the Phishing tracking list. The tracking list is updated when a new infected or spawned account is discovered or when a victim restores their account.
  • The goal of these anti-phishing tools is to flag and hide malicious comments while doing minimal damage to the infected account.

Discovery and Neutralization

  • Both infected accounts and accounts created purely for phishing have been systemtically identified and flagged to hide their comments. This was done manually through the @steemcleaners and @spaminator accounts and automatically through the @mack-bot and @guard accounts. For this, we leveraged a variety of monitoring mechanisms and reports by our fellow STEEM community members.
  • A Phishing Master List was created and is being regularly updated to keep track of the current wave of infected and spawned accounts and to be used as a reference going forward.
  • Numerous requests to registrars and hosts of phishing websites have been made by our team and a portion of these websites were taken down as a result.

Future Plans

  • We are actively working on various methods of organising and retaining historical data on phishing and other related attack vectors. One of these methods is the aforementioned Phishing Master List.
  • We are persuing speeding up discovery of phishing links and other malicious attack vectors.
  • We will be employing reporting mechanisms that filter information based on "abuse types" with notifications to members of the @steemcleaners team.

Recovery Assistance

  • We are available in both Discord and Steem.chat to assist phishing victims and have done so by walking them through the password roll-back process, helped them edit comments, and worked with them every step of the way.
  • On average, we have spent 2-3 hours with each individual requesting our assistance.
  • In cases where accounts sustained irrepairable damage, we helped victims restart anew by creating new accounts for them free of charge.
  • We are actively seeking volunteers with high-reputation and high-SP (Dolphin and Whale) accounts to upvote recovered phishing victims in order to help restore their lost reputations. Unfortunately, we are unable to use the @steemcleaners and @spaminator accounts for this purpose. Please let us know if you can help!

Read More

  1. Introducing @Guard: A Proactive Measure to Limit Phishing on Steemit
  2. Phishing: Attacks and Recovery
Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

What a wonderful job, I didn't know they had so many defensive measures to avoid these problems and to solve them.

Especially that you show step by step how to act in situations like these.

This is hard work, great update.

I have helped a couple accounts scammed lately by sending them to you guys and you have helped them quickly, very good work.

This is why I gave @patrice a witness vote months ago, watching her work and that is only the bit I saw.

She is great!

Someone called @gmrbotswana has raped all my posts with a -10 cents downvote, can someone help me stop him?

·

I might know someone interested in that activity.

Congratulations @steemcleaners, this post is the seventh most rewarded post (based on pending payouts) in the last 12 hours written by a Hero account holder (accounts that hold between 10 and 100 Mega Vests). The total number of posts by Hero account holders during this period was 264 and the total pending payments to posts in this category was $3404.48. To see the full list of highest paid posts across all accounts categories, click here.

If you do not wish to receive these messages in future, please reply stop to this comment.

I've only been doing a bit of this work— helping people change keys, edit comments, and get new accounts— but it is really tough, and in a lot of cases, really sad. Thanks for stepping up. I don't think it can be said often enough; we need more and more accounts to actually care about each other here on the platform, but until we have that, the burden is heavier on the few that take the weight on their shoulders.

Thanks for all the hard work @steemcleaners and crew! As Steemit gains popularity, I fear these sorts of incidents will only get worse.

Have you at all been in touch with and/or vested @quochuy who has allegedly developed a Chrome extension to alert someone of a phishing attempt in real time? He posted on one of my warning posts about a week ago.

I am not a very large account, but I would be quite happy to give a few upvotes to verified victims of phishing attempts.

Thank you for your support👍👍👍

wonderful community and good post..
thanks for sharingo

Sir I am sorry. I have made a big mistake in understanding something new because I'm new to Steem. It will not be wrong. I am a student. I tried hard to read. I did not understand the news from Steem on youtube.Please remove flag.I'm wrong. It will not be wrong. Sorry...

·

You weren't flagged by Steemcleaners.

·
·

Yes but I have been flagged by the blocklist but can not chat to him.please help me....kindly

·
·
·

That's not a Steemcleaners account either unfortunately.

·
·
·
·

Help me please

Dem peoples gots my vote. :)

Fishing them phishers.

I am against impostors who are trying to impose their own rules on everyone. You put a flag on me and made a loss of about 10 SBD. Since I have a small voice, I will have to obey the bandits. I have fulfilled your conditions. But, then you will give me back my upvote. I make content and make it interesting for my audience. You are engaged in extortion from the authors and hinder the development of social networks. And you make money on it. You are not free fighters for your ideas. You are thugs who earn extortion from the authors. I will put flags to all your posts until I bring you the loss that you brought to me.

This is a nice community service

Great work man!