Email security, Vulnerability Management

IPFS sites increasingly used for phishing attack hosting

More phishing attacks are being hosted through InterPlanetary File System peer-to-peer data sites that could better conceal malicious content, according to The Register. Over 3,000 emails had phishing URLs using IPFS during the last 90 days, indicating the growing popularity of IPFS for phishing sites, a study from Trustwave revealed. "One of the main reasons why IPFS has become a new playground for phishing is that many web hosting, file storage or cloud services are now offering IPFS services. This means that there's more flexibility for the phishers in creating new types of URLs," wrote researchers. IPFS utilization shows "a significant evolution in phishing," which should prompt stronger defenses among organizations, noted LARES Consulting Virtual Chief Information Security Officer Darryl MacLeod. "Moving forward, phishers may start using more sophisticated methods for replicating sites, such as using distributed hash tables. A distributed hash table is a type of data structure that is often used in peer-to-peer systems, as they provide a way to distribute data across many different machines," MacLeod added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.