Many in the Leofinance community woke up to see the Discord channel was hacked. This can be unsettling to anyone involved.
Here is a thread that was put up:
It appears one of the members of the Leofinance team got his account hacked. This was used to erase all the channels. There was also a airdrop claim scam set up. (Do not click on this).
Fortunately, the community took to Hive to warn others. There are a number of articles out there detailing what to do to protect oneself. This is the power of Hive. We are social media so we can spread the word quickly.
At this moment, I am sure the team is working hard to restore things. Of course, this brings up a larger question.
Move Away From Web 2.0
We often discuss the benefits of Web 3.0 and why people should transition away from it. Going forward, there is tremendous potential with what is taking place.
However, what we rarely cover is the negatives associated with Web 2.0. Here is a major one.
While hacks can take place in Web 3.0 since websites are still server based, we do see tools being built that could help alleviate this.
So the question going forward is this: Will Leofinance turn to Web 3.0 solutions?
The answer is most likely not. People on Hive love themselves Web 2.0. It is interesting that a project that is so committed to building remains loyal to the old mechanism. Here is an opportunity to start changing things completely.
Will the team take it?
Web 2.0 Banning
This is nothing new.
We see it with the crypto influencers all the time. They get banned on a social media platform like YouTube and they immediately take to other social media network to announce how they were banned. We even saw a few come to Hive.
Of course, as soon as their accounts are restored, it is business as usual and right back to YouTube. There is little to no thought of continuing on 3Speak or anything else.
Some might say the money is driving them. This is something I would agree with. Realistically, if someone is making major bank off the platform, it is almost impossible to walk away. However, how many of them are mitigating the situation by also creating content on Web 3.0 platforms.
We know the answer to this. Very few.
Opportunity Is Turmoil
What is likely to happen is the Leofinance team is working with Discord to get all the channel fixed and, once that happens, it will be business as usual. There will be no thought to alternatives nor will the team consider protecting its users. As we saw with some of the posts, there can be vulnerabilities if wallets were linked. This is, naturally, not the fault of Leofinance yet it is supporting the system where this can occur.
Isn't it ironic that Leofinance is building out tools that are separating it from the main blogging front ends. It developed Leothreads as a means of bringing microblogging to the ecosystem. You would think that, since it is building things from a clean sheet, it might incorporate some of the communication tools that it uses Discord for.
There are also some other alternatives being built. For example, the open source team related to Peak did created a Discord clone chat.peakd.com. Is it on the level of Discord? Of course not. Did it get a look by many projects? Not likely.
Leofinance often talks about being the "Everything App". That is a nice mantra but is that really the case. How can one expect to be the Everything App is it is consistently turning to Web 2.0.
By the way, is there a Twitter Discord? I have no idea but I am going to surmise that Elon Musk did not set one up.
We often talk about those cryptocurrency projects that turn to Reddit or other social media for their governance. Vitalik made mention of this a time or two. Yet, are we much different. We effectively are a social media ecosystem that turns to centralized entities for our communication tools.
Is it possible to turn away completely? That will be the subject of an upcoming article.
However, the issue at this point is not whether it can be done. More importantly, is anyone even thinking about it?
If you found this article informative, please give an upvote and rehive.
gif by @doze
logo by @st8z
Posted Using LeoFinance Alpha
I didn't think waking up today that i would be a victim of a hack. Feel so stupid, but the announcement on the leofinance got me. I was going into discord to get an update on a support ticket in which i was waiting on a refund for swap.hive and then I saw an airdrop announcement and connected my wallet and had bnb funds drained.
Sorry man. That sucks! How much did you lose bro?
Yep, scam drained my BNB funds. Luckily I only ever keep < $10 BNB for gas fees to allow for claiming for Cub Finance Farms.
That is too bad
Silly clicking on those discord airdrop links lol
These scammers are getting so good.
That sounded like a legit announcement.
And that URL redirects to a high quality landing page.
That hacker would make more money making landing pages and graphics for other people. 😂
Sadly it was pretty easy to see it straight away. Leo used leofinance.io where the posted url was .net. Wish folks would keep a little closer if an eye on links!
Truly
yep man, kicking myself for clicking the link. so f**** stupid!
How would a web3 discord prevent things like this? A team member’s web3 wallet could still get hacked and post a scam link. If you’re just talking about the channels getting deleted, that’s not really a big deal. That type of chat isn’t something that needs to be stored immutably on-chain.
I think leofinance is taking the right approach in using web3 where it really provides value and taking advantage of web2 apps otherwise.
Since the web3 solution is plugged into the rest of the Hive blockchain, a variety of strategies to mitigate such hacks can be devised. For example, people with staked tokens can signal (perhaps via a custom_json) that a given message is a scam, and the web3 solution can correspondingly display it in such a way.
Another idea is to allow only ULRs from certain domain names to be in messages coming from team members (accounts with particular roles in a Hive community).
And if it the web3 solution is really integrated, we might even get rid of the need for URLs. You can interact directly with the blockchain and its 2nd layers whether you're in the chat or in another frontend. And strategies to prevent scams will work at the blockchain level and be picked up by whatever tool one uses to interact with the blockchain. This might be further down into the future, though.
Butt with Threads now active why do they need D̶i̶c̶k̶s̶c̶o̶r̶d̶ Discord?
All I’m saying!
There is an expression of 'eating your own dogfood' which means using the products you produce. We should do more of that. Of course you and others are using Threads, but many use Twitter. There is the argument that we need to be seen by those who are not on the blockchain, but for the sort of internal discussions that happen on Discord we ought to have a blockchain alternative. Then we need compelling content on 3speak to get people looking at that.
Platform security is really important and Hive via Keychain is probably better than what most platforms offer. Entering a password into a web site is so risky.
I feel for those who lost money, but crypto puts the onus on users to secure their wallets.
I see Ecency devs working to move us away from Web 2.0/Discord. Ecency Help Community hive-125126 has been set up to replace our tutorials Discord channel and move Help posts on chain. And now with Waves we have a Web 3 solutulion for communicating! Look for more solutions to come!
That's awesome :) Maybe one day everything will be on chain 🙌
!LUV
@melinda010100, @wrestlingdesires(3/10) sent you LUV. | tools | discord | community | HiveWiki | NFT | <>< daily
Great to see Ecency making more improvements! Love the team and front end!
I expect we will see many more new features this year!
Great suggestion, perhaps there is a business case to develop a decentralised discord like dapp on Hive. It could even help drive a new use case where Discord has upgrades, these could be paid in Hive or Leo and they get burned or another way to earn on the platform.
Great thinking and I might put more thought to it for an article.
That's a great point. I think it's about time we start steering away of web2 applications. I've been trying to use web3 as much as possible and it's not always easy but it's a needed step going forward.
that's why I appreciate shows like the cryptomaniacs broadcasting on VIMM
This is some real great perspective.
Yes it’s ironic that we claim web3 evangelism but we still turn to web2 for every little thing.
@rubilu @gunu1 @depressedfuckup @nhaji01 @abu78 @smariam @abdul01 @lifeof.abdul @yahuzah
Let’s build web3 solutions for those web2 platforms we can’t do without. Like email service.
Speaking of emails service. I saw a nerve-racking news on my feed about email shutting down some of us.... That's web 2 and centralized system for you....they always want to ban this or ban that, etc, etc.
Serious question - what does discord in Web3 look like?
I've been using discord for maybe 2 years now and it's become one of my main social platforms for connecting and keeping up to date with projects. I'm curious how a web3 alternatively would look like if built to compete with Discord (similar to how LeoThreads competes with Twitter).
What would be some of the main advantages/disadvantages?
It is a tough task that you propose, but it is as difficult as it is definitive. It's not easy to turn your back on web2 just yet.
Bitcoin is barely 14 years old and web3 much less.
Well... all crypto projects have a discort channel...so can't blame LeoFinance for leveraging it, its popular with the masses.
Even Crescent dex had this, some Admin fellow got hacked and there also similar problems...some scam stuff was posted.
Luckily I am not that active on discort, and these incidents have been few, so never got affected.
In future ofcourse, there will be a Web3 solution for discort... for now noting wrong in using discort to connect, its been helpful.
A place where I can get information on where to look for details to learn more about the project.
As said, every Web3 projects have a discort channel...yawn...sleepy...anyway
I hope nobody has been hacked deu to the airdrop scam.
I couldn't help but laugh at this, I strongly doubt his has one set up to Twitter-related chats.
This incident shows we have a long way to go in building applications that will keep us here and not carry on running after the Web 2 Social platforms.
Put a bet on me rarely using Discord and you are bound to win, I find it too overwhelming so that is a good enough reason for me to stay away for months and not even think of it.
I hope some from the community did not fall for the airdrop scam.
Everything related to Leo is a scam!!!
A lot of that is force of habit. If we've been doing something every day for years, we're likely to keep on. The real fight is making the new option addictive :) ...
I've always hoped we would move to a web3 option. A major roadblock once one with all of the features we've come to love is in place will be that people have non Hive friends on Discord. I wonder if it might be possible to have a bridge, similar to the one with Telegram and Discord?
This post has been manually curated by the VYB curation project
I guess Leothreads can become the alternative solution of discord and serve microblogging combined.
Like #threadcast purpose is to actually communicate when the show or podcast is live, we just need like different channels + live streaming options and more polishing or features as pinned, announcement notifications.. maybe a DM through smart contract to send each other messages on chain... Something like that.
These phishing attacks are terrible and increasing on web2.. better to build solutions and stay ahead of others in web2.
Great point of discussion Task.
It was unfortunate that years of work was gone just like that.
I know @anomadsoul has worked pretty hard to setup everything, especially for the Zealy Campaign (a huge hit).
Hopefully we will rebuild it together and get back on track in no time.
Now the elephant in the room - Do we have a decent Web3 alternative for discord?
Aside from the fact that the hack sucks, it brings up some of the interesting things that have been rattling around in my head pretty much since the start. Including... why the heck are people always heading to Discord or Telegram to *talk about Hive?
Why aren't we talking about Hive... ON Hive? That seems like a shortcoming in the root design... and it begs the question why some hasn't jumped on creating a "Discord-like" dapp here? Consider how central both "Groups" and "Messenger" are to FB, so why not here?
=^..^=
The age old question. I think it likely has something to do with the permanence of the chain and what you write. People think it can be deleted on discord but they just don't see it lol. The discord owners absolutely have all of it stored.
If they can compromise a discord account through social engineering, they will also be able to compromise "web3" account keys through social engineering. Unless multisig is done properly and people don't fall for stupid greed scams ("airdrop").
We have to learn to be the product of our own product. It's a good wakeup call to re-evaluated our web2 activities and see how we can minimizer the risks factors. I rarely use Discord, rather spend that time engaging on the blockchain.
I have been wondering the same thing since I've learned about it. I'm 'glad' it was just 45$ the scammers got out of Hivers, still sucks to be the victim.
Isn't @jarvie working on a Web 3.0 version of Discord?
Not fun at all. Sorry about this. Thank you for sharing with us.
Web 3 discord is Leo Threads. That’s it, for everyone asking what a web3 discord will look like.
The biggest Web 2.0 weakness is dependence on the old world of domain names. The airdrop post was a dead ringer using leofinance.net and not the known domain for leofinace.io. Going to take some imagination to work out a plan for a pure Web 3.0 world. Maybe a a whole Web 3.0 DNS universe
What a sad situation!
I just dont get it! What's the point of hacking a discord dont they gat better jobs to do, its so annoying seeing someone ruining another persons sweat and hard work. i guess if leofinance cant assess the discord from these thiefs then they'll have to open another one with tight security measures
My previous @v4vapp proposal has expired. I have a new one which is running but unfunded right now. I'm still running @v4vapp and all my other services.
I've just updated v4v.app and I'm getting ready for some exciting new features after the next hard fork.
Please consider asking your friends to vote for prop #265 or consider unvoting the return vote.
For understandable reasons in the current crypto climate it is harder to get funded by the DHF, I accept this so I'm asking a wider audience for help again. I'll also add that I power up Hive every day and usually power up larger amounts on 1st of the Month. I'm on Hive for ideological reasons much more than for only economic benefit.
Additionally you can also help with a vote for Brianoflondon's Witness using KeyChain or HiveSigner
If you have used v4v.app I'd really like to hear your feedback, and if you haven't I'd be happy to hear why or whether there are other things you want it to do.