Steemit Crypto Academy Weekly Update #5 Homework Post for @gbenga [Nigeria] | All About Blockchain Security | @nachomolina2
This is my participation in the contest sponsored by @steemitblog: Steemit Crypto Academy Weekly Update #5 [ March 8th, 2021 ]. Homework Post for @gbenga [Nigeria]: Steemit Crypto Academy : Lesson 5 : All About Blockchain Security. I invite all Steemit.com users to join. @juanmolina @betzaelcorvo @corinadiaz
Image created by the Author
Introduction
Scam Alert
Scammers abound on Blockchain despite the fact that there are security mechanisms in place that make decentralized platforms relatively secure sites. I suppose motivated by certain characteristics that define decentralization, such as: Inclusion, freedom of expression, anonymity, confidentiality, open source, public access, among others.
These freedoms that make the Blockchain friendly and at the same time flexible, open the way to unscrupulous people, who camouflaged among the demography that seeks to work and make solid contributions to decentralization, attackers take advantage of the circumstances to commit cybercrime with the intention of seizing the virtual assets of the common user.
Blockchain Security
Every macomunified platform offers a user account, provided with a blog for publishing and a crypto wallet. By subscribing services in an ecosystem the user is granted their private keys so that they have full access and control of their account.
Ok, so far so good, but what happens when the private keys are compromised?
I am going to tell you about my own experience with a Blockchain scam. Where my previous user account was compromised. Having accumulated three years of continuous effort, 68 reputation, 1700 followers and over 1000 SP. Plus an impeccable track record with some significant degree of influence.
Use case 1:
Recently my Steemit account was Hacked. Unfortunately I lost access to my blog and my wallet, even though my sensitive data I have always kept in a safe place due to human error my security keys were compromised. Currently my account is in the process of "stolen account recovery", but inevitably my virtual assets are being transferred to another account by the fraudsters. The owner and master passwords allow access to your assets, as well as the ability to change your current passwords. At this point you will have lost control of your account and you have a period of thirty days to try to recover it. In the event that someone may go through a problem similar to the one I have mentioned I would recommend that they proceed instantly to report the theft; they could contact support@steem.com to make the notification. Other users like: @steechiller or @quarantine, are also willing to help. Still, the main solution will always be to keep your security keys in a safe place.
How do the attacks work?
(Most common attackers)
For their part, DoS, DDoS, as well as, twin "Sybil" attacks seek impersonation to boycott companies, mainly, trying to access their accounts by substituting data that simulates the actions of the real owner, being able to compromise the entire blockchain until rendering it unusable.
All of these procedures employ the use of bots to track user habits, search for passwords, open sessions, extract documents and reveal encrypted data. This is one of the most frequent types of attacks that developers fight against trying to implement robust security protocols as a constant task.
Use case 2:
Recently, I also experienced a "Dusting Attack" related scam, where I was told that I had been a winner of a certain amount of bitcoin deposited into a fake wallet of a supposed virtual service provider company. After accessing the interface it asked me to deposit a certain amount of crypto in order to release the funds. This case had no impact on me because I did not have the amount requested for the deposit so I lost all interest, but I could imagine the case of some ambitious token holder who might have agreed and surely would have been compromised with the scam.
What are the consequences?
(other common attackers)
I have learned that there are structural attacks that seek to penetrate the security of the blockchain from access to consensus nodes, among them the Eclipse Attack, which I can understand that its purpose is the infiltration between the massive data and access to the encryption as the only interest. For this there are certain prevention mechanisms by the platform and its defense technology, however, I consider that personalized attacks that go on the independent user usually refer to misleading offers designed in such detail to make the customer psychologically vulnerable and reveal their sensitive data at the least thought moment.
Final thoughts
The most important thing is to become aware that we are all vulnerable to suffer some blockchain scam and the trust we have on decentralized platforms would be broken. We must know that we own our assets and the control over them depends solely on our employed security mechanisms. My final thought leads me to bring a message of reflection to all users who make life in Steem Blockchain to devote some of their time to think about the security of their accounts and private keys; better safe than sorry and something that apparently seems unlikely to happen to us, may be just around the corner waiting for any carelessness on our part. Better to be prepared and take the necessary measures so that there is nothing to regret in our career in the Blockchain.
image source
Original Content
2021
It's nice to meet you, here is my new presentation on Steemit.com: IntroduceYourself
There have been unscrupulous actors for a very long time but the blockchain gave freedom and decentralization making security more of a personal thing to a thing to blame a corporation.
I have seen several types of DDoS attacks and I must say that congesting the network can be very frustrating.
Rating 8
Ok, totally agree, professor @gbenga
Published on Twitter:
https://twitter.com/addverso/status/1371291313447051269?s=20
#steemitblog #cryptoacademy
Muy buena participación @nachomolina2 , Mucho éxito!!!!
Gracias @corinadiaz!