Security Incident Reports - @Council community bot account un-authorize transferred of SBD (Steem Backed Dollars) to a malicious user at 
Hive account@blocktrades August 5 sometime in the morning. Here's the wallet transaction.
@Council
As you can see, the malicious user is trying to drain the account by powering down the Steem Power (SP). He will not be able to instantly withdraw the SP due to the waiting period of 11 weeks. Though successfully managed to transfer 1.970 Steem to Hive account@blocktrades with the memo - 9e0fafd2-f050-46ce-ad30-1491b8e6919f.
Actions to stop this bad actor.
- Reset the
Hive account@council community bot account password. - Completed.
- Report to Hive account@blocktrades to investigate this incident using the transaction memo. I will recommend to cease the account associated with this transaction. - Aug. 6, I've sent email to support@blocktrades.us regarding this Security Incident and requested to cease the recipient account related to this transaction memo - 9e0fafd2-f050-46ce-ad30-1491b8e6919f.
- Reviewing where @Council ACTIVE account vulnerabilities. - Review in progress.
- Shutdown Hive account@council community bot program at this time 'till further notice. This will not affect @Council upvoting initiatives because it is only using POSTING key to upvote, so it will continue.
I will continue to investigate this security incident. Somehow, the malicious user was able to get @Council ACTIVE password.
Security reminder, always login using your POSTING key. Keep you OWNER and ACTIVE key secured.
Please resteem so I can get Hive account@blocktrades attention to check this incident.
Best regards,
@Yehey
Image source from pixabay.
