IPFS phishing and the need for correctly set HTTP security headers, (Wed, Mar 15th)

This post was originally published on this site

In the last couple of weeks, I’ve noticed a small spike in the number of phishing messages that carried links to fake HTML login pages hosted on the InterPlanetary File System (IPFS) – an interesting web-based decentralized/peer-to-peer data storage system. Unfortunately, pretty much any type of internet-connected data storage solution is used to host malicious content by threat actors these days, and the IPFS is no exception. In fact, it seems to have been used to host phishing pages since at least the beginning of 2022[1].

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.