Replying to Avatar Captain's Nostr Log

run your spam bot from your own leaked nsec, posting "THIS NSEC IS LEACKED"
Avatar
Garbage nsec 10mo ago

Yeah but the hacker can run a bot too.

- A bot that instantly sends a delete request for every message posted by the spam bot

- A bot that follows up every spam bot message with forged clarifications (follow me on my new npub at...)

-A competing spam bot that responds to your spam bot's response and says "This is the real account to follow me on, check to see it matches my NIP-05" (But that hacker has already swapped out the NIP-05 in the hacked account to match the fake new one the hacker created).

Reply to this note

Please Login to reply.

Discussion

Avatar
Captain's Nostr Log 10mo ago

then your bot should delete the deletion events and tell people not to trust anything posted by this npub

Avatar
Garbage nsec 10mo ago

I suppose. Though what about for someone without enough of a programming background to engage in bot wars? Normal users with no programming background at all and no savvy friends I suppose would be complete victims—all attempts to alert others would be thwarted or hijacked by the hacker. (They could only communicate the issue off Nostr, but who would know of their off Nostr presence?)

Avatar
Captain's Nostr Log 10mo ago

in real life this isn't a problem. plenty of people on nostr have migrated from compromised profiles

Avatar
Garbage nsec 10mo ago

Ah yeah, I've been looking for those cases. Have you got an example of a compromised npub that's been left behind? Or a new npub someone moved to afterwards (so I can go back and see their first hello there explaining the situation and the move)?

Avatar
Captain's Nostr Log 10mo ago

I leaked my own nsec. so did gandalf

Avatar
Garbage nsec 10mo ago

Thanks!

Avatar
Captain's Nostr Log 10mo ago

many such cases