Well, only the compromised active keys allows for transfers and luckily those accounts didn't have much in their wallet.
The risk comes from an attacker using the posting keys to mass upvote or downvote some users (eg. SDL).
My bot will will keep scanning new operations published into STEEM blockchain in order to save (almost) at runtime compromised keys (including owner keys). It will also keep an eye on those known compromised accounts in order to make them unusable if they get abused.
Thanks, take care. =]