
Has anybody actually detected and prevented some kind of hack by using a canary?

I don't doubt they can be useful, but I suspect they aren't really used that much.



I have. I kept about $500 worth of bitcoin, as an unencrypted wallet.dat file, on my gaming PC on which I sometimes run untrusted executables.

One day, I got a notification the coins had been moved. After realising it wasn't a false positive, I immediately disconnected and imaged the PC, and sure enough, deep investigation found malware.

Small price to pay, as it alerted me to rotate all passwords and sessions, and alert the community about the compromised executable.

To this day, I keep some crypto on every device I use. If not breached, it doesn't cost me anything.

I even have a paper wallet in my physical wallet.


You are literally paying hackers to out their presence.

This is just a brilliant principle: Provide some low hanging, easy to identify, inexpensive fruit for thieves, to protect higher hanging fruit.

It could be used instead of more formal rewards for encouraging white hackers to report vulnerabilities: just let everyone know your outer ring of security has a wallet.

Even if more sophisticated hackers would skip the wallet, you are much more likely to find out vulnerabilities if hackers of all shades know there is honey for the taking.


This is, sincerely, the first time I've heard a use case for cryptoassets and thought, yeah, that's something real, useful, and which cryptoassets are uniquely suited for.


Leaving canary crypto is a great idea.

It's related to a home security tactic I heard of: keeping a "pocket change" tray visible on a table just inside your front door, with coins and a few bills.

The theory being that, if a burglar sees it, they'll probably at least grab the bills.

When you enter, if the bills are missing, there might be a burglar still in the house.


I like this so much!!!! (Partly because I think I've suggested a couple times here a long time ago to hold some bitcoin private keys in your "most secure" code/dir/whatever and monitor if they go missing, but I'm probably not the 1st to think about it as a bounty.)

Do you know if the $500 was moved 'automatedly' or by a human? If the former, makes you wonder if $0.01 would do it. (I guess network fees don't matter since you'd still see it pending on the blockchain and that's good enough.)


Absolutely, I worked at a place where we generated unique AWS tokens, pushed them out to all users/computers in the fleet, and had alerting anytime one was used, which was traceable to a service, user or server.

Within 1 year I found a breach on a developer's box and another on a frontend server.
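
An added example, not part of the thread or any commenter's code: one way to implement the alerting described in the comment above, scanning CloudTrail-style JSON records for any use of a planted key and mapping it back to where it was planted. The key IDs, inventory and log lines are constructed placeholders; the field names assume the CloudTrail record layout.

```python
import json

# Constructed inventory (placeholders): canary access key ID -> where it was planted.
CANARY_KEYS = {
    "AKIAEXAMPLECANARY001": "laptop:dev-alice",
    "AKIAEXAMPLECANARY002": "server:frontend-01",
}

# Constructed CloudTrail-style records, one JSON object per line.
SAMPLE_LOG = """
{"eventTime":"2024-01-01T10:00:00Z","eventName":"ListBuckets","sourceIPAddress":"198.51.100.4","userIdentity":{"accessKeyId":"AKIAEXAMPLEREALKEY01"}}
{"eventTime":"2024-01-01T10:05:00Z","eventName":"GetCallerIdentity","sourceIPAddress":"203.0.113.7","userIdentity":{"accessKeyId":"AKIAEXAMPLECANARY002"}}
not json at all
{"eventTime":"2024-01-01T10:06:00Z","eventName":"ListUsers","errorCode":"AccessDenied","sourceIPAddress":"203.0.113.7","userIdentity":{"accessKeyId":"AKIAEXAMPLECANARY001"}}
{"eventTime":"2024-01-01T10:07:00Z","eventName":"ConsoleLogin","sourceIPAddress":"198.51.100.9","userIdentity":{"type":"IAMUser"}}
"""


def find_canary_hits(log_text, canaries=CANARY_KEYS):
    """Return one alert per record that used a canary key, denied calls included."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or corrupt lines instead of aborting the scan
        if not isinstance(rec, dict):
            continue
        key_id = (rec.get("userIdentity") or {}).get("accessKeyId")
        planted_on = canaries.get(key_id)
        if planted_on is None:
            continue  # ordinary key, or an event with no access key
        hits.append({
            "planted_on": planted_on,
            "time": rec.get("eventTime"),
            "action": rec.get("eventName"),
            "source_ip": rec.get("sourceIPAddress"),
            # A canary key needs no permissions: a denied call is still a hit.
            "denied": "errorCode" in rec,
        })
    return hits


if __name__ == "__main__":
    for hit in find_canary_hits(SAMPLE_LOG):
        print("CANARY USED:", hit)
```

Because each key is planted in exactly one place, the `planted_on` value in an alert identifies which host or user to investigate first.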


I detected a hack once when someone quoted something off my hard drive. I had a diary I kept offline and only edited when alone.

She had the balls to get mad when I yelled at her for it.

Some people don’t know how lucky they are to be in this world.

Edit: it was a first date. She never had physical access.


On a first date, someone quoted the contents of your diary that had been stolen in a hack? Were you dating on a hacker matching app? How does this even come about?


Tinder. She didn’t mention her TS:SCI.

I got the impression using wifi in airplane mode paired with years of exchanging numbers at hacker cons and academic events influenced my matches in some odd ways.

(Such as having someone freak out you have a weed card and might not forget they do too if that’s the reason you can’t get a job)

Anyways I thought she was just some random divorcée but she worked for the local FFRDC.

Edit: it also may have been a catfish who got annoyed I had no idea who the person she was impersonating was absent being fourth author on something outside my area of expertise


> Were you dating on a hacker matching app?

Or maybe participating in a dating CTF?


Your diary was kept offline and she never had physical access to the device? How do you think you were hacked?


Possibly via LibreOffice itself; I didn’t update it often?

Every screenshot in my screenshots folder had the time created date edited on 1/6 so I suspect someone owned my laptop.

My phone otoh I trust more since Apple signs the code, the diary wasn’t there.


Modern compilers have flags that add memory and stack canaries; does that count?


Those canaries are meant to detect something bad happening within an executable. These canaries are instead meant to detect something bad happening "between" executables of sorts - i.e. malicious usage of said executables/services.

It's like placing unlocked safes all over your (locked) house with stuff that looks valuable to thieves. You know it's worthless so you never touch them. If a thief does however, you will know immediately. The overlap with honeypots here can be a bit fuzzy I guess.



