Security News > 2022 > August > Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network
The decentralized file system solution known as IPFS is becoming the new "Hotbed" for hosting phishing sites, researchers have warned.
Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the attack campaigns, said it identified no less than 3,000 emails containing IPFS phishing URLs as an attack vector in the last three months.
IPFS, short for InterPlanetary File System, is a peer-to-peer network to store and share files and data using cryptographic hashes, instead of URLs or filenames, as is observed in a traditional client-server approach.
"Taking down phishing content stored on IPFS can be difficult because even if it is removed in one node, it may still be available on other nodes," Trustwave researchers Karla Agregado and Katrina Udquin said in a report.
This also means it could be much harder to take down phishing sites hosted on IPFS. The attacks observed by Trust typically involve some type of social engineering to lower the guard of targets in order to coax them to click fraudulent IPFS links and activate the infection chains.
"Phishing techniques have taken a leap by utilizing the concept of decentralized cloud services using IPFS," the researchers concluded.
News URL
https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)