According to a Telegram BPs are required to blacklist compromised accounts. Apparently, a new EOS block producer dubbed “games.eos” did not update the blacklist for EOS mainnet accounts on Feb. 22.
After the incident, EOS42 made a new proposal that suggests nullifying the keys of blacklisted accounts instead of providing a veto power to a single BP on the EOS mainnet. As per EOS42, nullifying the keys is a more effective option than a “‘broken’ blacklist” as it still allows an account to be saved and returned to its rightful owner.
Capped at 21, the BPs candidates could replace each other through a constant voting process. EOS24 adds that several accounts have been blacklisted based on ECAF orders in which the victim’s accounts were hacked.