WARNING: Easy Potential Social Engineering Hack! #steemit -#hack + Temporary Solution

As far as I can see this hack (rather exploit) has not been prevented, but if I'm wrong please let me know in the comments.


I'm mentioning this hack because it was extremely effective on /r/giftcardexchange


And people have already made this mistake.


The Hack

1. Buy a reddit account on http://www.redditsecrets.com/buy-reddit-accounts or elsewhere

2. Open an account whose username is a modification of bittrex that has not yet been taken, e.g. bittrrex or bitrrex.

3. Wait for people to make mistakes and withdraw when they do. With a large enough sample size you can bet someone will.


This can be applied even more successfully with permutations of @openledger's name


How likely is this to happen?


There is a user @bitrex with whom people have apparently already made this mistake, and apparently continue to make it:


Thanks @venuspcs for bringing it to my attention that it is probably already happening with @poloniex fake accounts.

@polonix @ploniex

As more people use Steemit the probability of such a mistake occurring will tend to 1.


How to avoid this


- Auto-fill forms, or perhaps a two-layered input prompting users to select whether to send to "user" or "exchange", then a drop-down menu for exchanges. Many similar approaches are possible.

- Users can systematically copy and paste bittrex (and other exchanges' names) instead of typing them from memory.


#steemit #hack #money #security

