Security News > 2022 > August > Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network

The decentralized file system solution known as IPFS is becoming the new "Hotbed" for hosting phishing sites, researchers have warned.

Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the attack campaigns, said it identified no less than 3,000 emails containing IPFS phishing URLs as an attack vector in the last three months.

IPFS, short for InterPlanetary File System, is a peer-to-peer network to store and share files and data using cryptographic hashes, instead of URLs or filenames, as is observed in a traditional client-server approach.

"Taking down phishing content stored on IPFS can be difficult because even if it is removed in one node, it may still be available on other nodes," Trustwave researchers Karla Agregado and Katrina Udquin said in a report.

This also means it could be much harder to take down phishing sites hosted on IPFS. The attacks observed by Trust typically involve some type of social engineering to lower the guard of targets in order to coax them to click fraudulent IPFS links and activate the infection chains.

"Phishing techniques have taken a leap by utilizing the concept of decentralized cloud services using IPFS," the researchers concluded.

News URL

https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html