I'm still shocked by the recent, outrageos attack by a malicious user operating several Steemit clones, the magnitude of the scam and how it all played out. He/she got control of a couple of established steemians with 60+ reputation and spammed out commets containing links to the cloned Steemit pages. Dozen more low rep accounts were stolen and spammed out same or simmilar messages affecting thousands of users with one goal, get their keys and rip them of their time/effort/intelect spent on here.
People are people and many who got redirected to the clones didn't notice the obvious mistake in the url but that's understandable. I'm one of those people who actually managed to send coins to a wrong wallet on bittrex (took me 2 months to get them back) so I can understand when you are just on autopilot and don't notice.
This is just the beginning of a problem which will be ever increasing in the future as Steem price goes up and our wallet's values follow.
The goal
I was determined to find a solution that will make it impossible to get phished, ever again. I figured that we need an app to alert us of any malicious websites where an unsuspecting Steemian might enter their password. I realized it would be best to utilize the power of Steemit to find skilled developers to make it. So in my first ever dtube video I offered 50 SBD and @ebargains donated another 25 SBD to the person who makes the app. After a harsh day of promoting the idea and searching for devs in every possible Steemit related discord server, the next day I got so many people that took the offer and wanted to participate that I couldn't do anything else other than make it into a contest and including the community in the testing and voting process.
App Guidelines
Must be a Chrome extension
The code must be open source and will be checked to ensure it has no malicious code or security flaws that could make it vounerable in the future
Whitelisting/blacklisting/algorithm that can recognize websites trying to emulate the originals or any other method to recognize the scam websites can be used. I don't care which way you go. I just want it to work, 10/10
When entering a scam site the app needs to display a warning (the bigger, more obvious and harder to get by, the better :) full page warnings are the best solution
Has to have a submit option for users to alert of new phishes which would then be evaluated and added if necessary
The UI can look however you like, it doesn't really matter that much as we are going with functionallity, not good looks
When finished add it to Chrome store and contact me on discord with a small write-up about how it works
The winning app (depending on how it works) needs to always be up to date and work correctly because if a phish gets through and someone looses their keys with the app on we are loosing the whole point of making it in the first place
If the winning app needs a server to operate the developer will if possible pay with fiat for the service and I'll give them that much in SBD/Steem (I would give you the fiat if I could but I can't and I hope that it's not a problem, if it is we will find a way around it)
You have exactly 2 weeks starting from today to finish your app after which I will present all finished apps to the community who will then have a week to test them and decide which one they like the best. They will then vote for their faovorite app and with that taken in consideration, I'll choose a winner.
Testing will be done by trying to enter the currently operating Steemit clones
First place will get 50 SBD while 25 SBD donated from @ebargains will be evenly split amongst those who made a functioning app. Any possible new donations will be evenly split amongst the winner and the rest.
If I missed something feel free to contact me on discord with your questions. My nick is same as here.
I hope
That when the app/testing/voting is done that the winning app itself will become a tool used by countless Steemians who want to stay protected but don't want to be constantly checking the URLs to ensure safety.
That the app will save thousands of passwords that would be otherwise be snached away by malicious users.
That the app will get so popular amongst Steemians that it will discourage any new attempts of making a phishing website.
That this will make Steemit safe for everyone again. Even the most careless of us.