Replying to Avatar Luxas

How soon until we see a malicious #nostr app/browser extension? As it saves the nsec/npub to local storage it also sends it to the dev's api.

Or, a stored xss on a fav web client that has visitors blast spam kind 1 notes without them knowing as they have their signer set to always authorize.

I wouldn't doubt these scenarios will eventually occur if/as nostr grows. Stay vigilant.
Avatar
TheGrinder 1y ago

soon enough. But we'll probably see some fake apps and browser apps first stealing the identity of those who paste their private keys into webforms.

Reply to this note

Please Login to reply.

Discussion

No replies yet.