After hundreds of accounts of the blockchain social network Steemit fell prey to cyberattackers, the company decided to strike back, introducing what it claims a “revolutionary” solution.
According to Steemit co-founder Dan Larimer, if a user account is hacked, it can be recovered with any of the keys you have used over the last 30 days. To do this, you need a person who will be able to confirm your identity to the blockchain. As noted in the comments to the article, this concept “goes hand in hand with Steemit being a social network platform.”
Dan Larimer stressed that protection from hackers is becoming increasingly expensive and difficult to use, while cybercriminals are finding ways to circumvent any obstacles. “Even a Nuclear power plant in Iran that was completely disconnected from the internet was hacked,” reminds the developer. “At some point the cost of preventing a break in is higher than the cost of recovering from a break in,” he writes.
He believes that guaranteed return of the account to its owner is the most reasonable measure when you cannot guarantee 100% protection. He considers this solution to be the best compromise between security and convenience.
When a social network account hacked, two or more people get access to it. Blockchain does not make the difference between people using the key to your account. The new security system developed by Steem allows the user to restore their account via a trusted person — a spouse, a parent, a friend, or any third party, including Steemit itself, which can identify you by e-mail, login on Reddit or your Facebook page.
The trustee makes a request to replace the old keys with new ones. After that, you have 24 hours to enter the account using either your new or your old passwords (you can enter any key that you used in the last 30 days). If you have time to do this, you will get rid of the intruder. But if within 30 days you have not used the social network, you will lose your account forever.
The user’s partner is entitled to make a request for password recovery, but does not own the key and consequently, cannot access your Steemit without your permission. If, however, your partner’s Steemit account is hacked, they will have to apply to their trustee for help. Every 30 days a user can confirm their trustees or change them.
Throughout the day on 14 July, the website of Steemit was down at first and then put in “read-only” mode. According to the official announcement, unknown cyber criminals had hacked about 260 accounts and stolen nearly $ 85,000. Steemit CEO Ned Scott promised that “any users whose accounts were compromised will be completely reimbursed.”
Steemit is a social network based on the blockchain, which rewards its users with cryptocurrency for original content. Its main difference from traditional social networks is that user accounts contain very little personal information, so it is money and personal keys that attract hackers. Due to the blockchain technology, even blocked from access, the user can see any transaction performed with their account, so when their wallet is milked, they will immediately be aware.
Ludmila Brus