attacks are being hosted through InterPlanetary File System peer-to-peer data sites that could better conceal malicious content, according to The Register
Over 3,000 emails had phishing URLs using IPFS during the last 90 days, indicating the growing popularity of IPFS for phishing sites, a study from Trustwave revealed.
"One of the main reasons why IPFS has become a new playground for phishing is that many web hosting, file storage or cloud services are now offering IPFS services. This means that there's more flexibility for the phishers in creating new types of URLs," wrote researchers.
IPFS utilization shows "a significant evolution in phishing," which should prompt stronger defenses among organizations, noted LARES Consulting Virtual Chief Information Security Officer Darryl MacLeod.
"Moving forward, phishers may start using more sophisticated methods for replicating sites, such as using distributed hash tables. A distributed hash table is a type of data structure that is often used in peer-to-peer systems, as they provide a way to distribute data across many different machines," MacLeod added.