Security News > 2022 > August > Researchers Warn of Increase in Phishing Attacks Using Decentralized IPFS Network
The decentralized file system solution known as IPFS is becoming the new "Hotbed" for hosting phishing sites, researchers have warned.
Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the attack campaigns, said it identified no less than 3,000 emails containing IPFS phishing URLs as an attack vector in the last three months.
IPFS, short for InterPlanetary File System, is a peer-to-peer network to store and share files and data using cryptographic hashes, instead of URLs or filenames, as is observed in a traditional client-server approach.
"Taking down phishing content stored on IPFS can be difficult because even if it is removed in one node, it may still be available on other nodes," Trustwave researchers Karla Agregado and Katrina Udquin said in a report.
This also means it could be much harder to take down phishing sites hosted on IPFS. The attacks observed by Trust typically involve some type of social engineering to lower the guard of targets in order to coax them to click fraudulent IPFS links and activate the infection chains.
"Phishing techniques have taken a leap by utilizing the concept of decentralized cloud services using IPFS," the researchers concluded.
News URL
https://thehackernews.com/2022/07/researchers-warns-of-increase-in.html
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)