Phishing Attacks Distributed Through CloudFlare’s IPFS Gateway [bleepingcomputer]
Yesterday we reported on a phishing attack that utilizes the Azure Blob storage solution in order to have login forms secured by a Microsoft issued SSL certificate. After reviewing the URLs utilized by the same attacker, BleepingComputer noticed that these same bad actors are also utilizing the Cloudflare IPFS gateway for the same purpose.
Last month Cloudflare released an IPFS gateway that allows users to access content stored on the IPFS distributed file system through a web browser. As part of this implementation, all connections to the IPFS gateway are secured using SSL certificates issued by CloudFlare.
By storing the html for phishing scams on IPFS, the attackers can then utilize Cloudflare’s IPFS gateway to display the stored HTML document. For example, this attacker is using the gateway to display the following phishing form.
For more, click here.