Skip to Content

IPFS Adoption for Phishing and Malware Campaigns

Updated on 2022-12-22

Trend Micro spotted web3 InterPlanetary File System (IPFS) being used for phishing, which first started on January 18 and spiked on November 7 at over 70,000 phishing URLs. Read more: Web3 IPFS Currently Used For Phishing

Updated on 2022-11-13: Bulletproof hosting meets web3

Even malware campaigns are jumping on the web3 train. Cisco’s Talos says it’s observed several campaigns that rely on hosting their malicious payloads on IPFS, or the InterPlanetary File System, a web3 technology that works as distributed, peer-to-peer storage. SecurityWeek has a quick explainer on how it works. Per @b4n1shed: “While these technologies have legitimate uses in a variety of practical applications, they also create opportunities for adversaries to take advantage of them within their phishing and malware distribution campaigns.” Here’s an example of a phishing page hosted on the IPFS network. IPFS traffic is also legitimate so this makes it more difficult for network defenders to identify malicious use.

Bulletproof hosting meets web3

Read more:

Updated on 2022-11-11: IPFS adoption

Cisco Talos said it observed multiple malware campaigns that leverage the IPFS peer-to-peer protocol to host their malware payloads and phishing kit infrastructure for ongoing attacks. Cisco’s report comes after Trustwave saw a similar spike in IPFS adoption over the summer after several cloud providers added support for the protocol on their servers. The IPFS protocol is widely used by blockchain platforms, according to Cisco. Read more:

Overview

Researchers spotted several phishing campaigns leveraging the decentralized Interplanetary Filesystem (IPFS) network to enable attacks, along with hosting malware and phishing kit infrastructure. Read more: Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.