In this article that I published a few days ago I announced that I found and turned in 44 compromised private keys.
Today I finished scanning the STEEM Blockchain (the remaining 30 million blocks) and these are the results:
- - 1x PRIVATE ACTIVE KEY.
- - 55x PRIVATE POSTING KEYS.
- - 13x PRIVATE MEMO KEYS.
One of the private posting keys belongs to a user that leaked his key years ago and is still active. They have almost...
10 K Steem Power
- 9,695.373 STEEM POWER
- 165.304 STEEM
- $9.845 SBD
Estimated Account Value: $1,933.81
Most of the other accounts are fully inactive and have nearly nothing but some instead have a few thousand SP, others more than 2 thousand followers, reputation up to 70, savings up to 600 STEEM, etc.
An interesting aspect of these findings is that the private active key that my blockchain scanner detected was compromised by his owner in an account_update operation (eg. updating the link to his website or his location on their Steemit profile). That is very uncommon as most of the accidental leaks occurred in transfer/comment/post operations.
Having my bot not limiting its private keys detection to the latter operations has proven itself as a good idea! ; )
As I did the last time, I just sent all these private keys to @guiltyparties (IMO one of the most reputable Steemit Witnesses) and I am going to notify all these users through wallet transfers, telling them that they compromised their accounts and need to reset them asap using their master key or password. PS. Done!
Some additional stats collected after my whole scanning activity:
Total private keys found and turned in: 123
Sum of all compromised accounts' Steem Power: 26,277.857
- Excluding liquid STEEM and SBD
- With today's (low) price of STEEM the sum of their 100% upvotes would be $ 0.21 / $ 30 a month (+ downvotes re-use on platform abusers?)
Sum of all compromised accounts' followers: 27,832
Note: accounts with compromised private Memo keys are excluded from the calculation of the total funds and followers.
UPDATE on my STEEM blockchain scanner that will keep scanning new operations published into the STEEM blockchain in order to prevent the leak of new keys: ((long phrase, take a breath! XD ))
One important additional feature that I am going to add (besides the ones mentioned in my previous post): the bot is going to monitor those compromised inactive accounts and if they ever start getting abused, I'm going to burn all their Resource Credits upvoting burn posts so that no one else will be able to use them.
I will start doing so only on detection of abuse of the dead accounts though. Otherwise if the rightful owner ever comes back to the platform, they likely won't be able to reset their keys or notify their return due to the lack of RC.