Spamhaus researchers are observing an uptick in phishing 🎣 using the InterPlanetary File System (IPFS). 

Below is a recent example 👇 
https://urlscan.io/result/0b765eda-0095-4d1c-ba4a-e4a5ea52a6f3/

This system typically used to host simple files, can be accessed with specialized clients or via gateways.

What's most concerning is that...

❗ there are HTTP gateways you can use with your browser that look like normal URLs.
❗ there is no active side on the "server", so you get plain HTML with JavaScript.
❗ there is no server side scripting (like PHP) on IPFS to receive data.

....making it easier for adversaries to post data from the phishing site to another site on the normal web.

And, this issue is not limited to phishing but also happens for other kinds of abuse, such as malware and spam. Therefore:

➡ Gateway providers need to use and maintain a block list and share blocked IDs with each other.
➡ Hosters that host the data receiving scripts can't see the phishing site, and need to be aware that this problem exists.

#IPFS #Phishing #Malware