You are viewing a single comment's thread from:

RE: Important Security Announcement: Steemit CEO Ned Scott

in #steemit8 years ago

Do you know how the attacker got in? I assume they altered the javascript to exfil private keys, yes? How do you know how many accounts were compromised? It might be wise to cycle everyone's keys at this point. I'll definitely be updating my posting key.

8 years ago in #steemit by
$1.29
  • Past Payouts $1.29, 0.00 TRX
  • - Author $1.29, 0.00 TRX
  • - Curators $0.00, 0.00 TRX
8 votes
Reply 2
Sort:  
  • Trending
    • [-]
     8 years ago 

    Yea, I was thinking something along these lines as well. XSS to grab a js token. I haven't looked into the site code, but I seriously hope they're not using js tokens and are instead using http only cookies.

    [-]
     8 years ago 

    At least is now been compromised, and from this experience Steem will up lift there security. Lesson learn.

    $0.00
      Reply

      Coin Marketplace

      STEEM 0.19
      TRX 0.13
      JST 0.030
      BTC 59722.01
      ETH 3267.61
      USDT 1.00
      SBD 2.36