The Cyber Security News

Several Cyber Attacks Observed Leveraging IPFS Decentralized Network

November 9, 2022

A number of phishing campaigns are leveraging the decentralized InterPlanetary File System (IPFS) network to host malware and phishing kit infrastructure and to facilitate other attacks.

“Numerous malware families are presently being hosted in IPFS and retrieved during the initial phases of malware attacks,” Cisco Talos researcher Edmund Brumaghin said in an analysis shared with The Hacker News.

The research mirrors similar findings from Trustwave SpiderLabs in July 2022, which found more than 3,000 emails containing IPFS phishing URLs as an attack vector, calling IPFS the new “hotbed” for hosting phishing sites.

IPFS as a technology is resilient to both censorship and takedowns, making it a double-edged sword. Underlying it is a peer-to-peer (P2P) network that replicates content across all participating nodes, so that even if content is removed from one device, requests for the resources can still be served by other systems.

This also makes it ripe for abuse by bad actors looking to host malware that can resist law enforcement attempts at disrupting their attack infrastructure, as seen in the case of Emotet last year.

“IPFS is presently being abused by a range of threat actors who are utilizing it to host malicious content as part of phishing and malware distribution campaigns,” Brumaghin previously told The Hacker News in August 2022.

This includes Dark Utilities, a command-and-control (C2) framework that is advertised as a way for adversaries to obtain remote system access, DDoS capabilities, and cryptocurrency mining, with the payload binaries provided by the platform hosted in IPFS.

Furthermore, IPFS has been used to serve rogue landing pages as part of phishing campaigns orchestrated to steal credentials and distribute a wide range of malware comprising Agent Tesla, reverse shells, a data wiper, and an information stealer called Hannabi Grabber.

In one malspam delivery chain detailed by Talos, an email purporting to be from a Turkish financial institution urged the recipient to open a ZIP file attachment that, when launched, worked as a downloader to retrieve an obfuscated version of Agent Tesla hosted in the IPFS network.

The destructive malware, for its part, takes the form of a batch file that deletes backups and recursively purges all directory contents. Hannabi Grabber is a Python-based malware that gathers sensitive information from the infected host, such as browser data and screenshots, and transmits it via a Discord Webhook.

The latest development points to the increasing use by attackers of legitimate offerings such as Discord, Slack, Telegram, Dropbox, Google Drive, AWS, and several others to host malicious content or to direct users to it, making phishing one of the lucrative primary initial access vectors.

“We expect this activity to continue to increase as more threat actors recognize that IPFS can be used to facilitate bulletproof hosting, is resilient against content moderation and law enforcement activities, and introduces difficulties for organizations attempting to detect and defend against attacks that may leverage the IPFS network,” Brumaghin said.
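To illustrate the detection problem from the defender's side, the following Python sketch (an added example, not code from Talos, Trustwave or the original article) pulls IPFS gateway URLs out of proxy logs or email bodies and groups them by content identifier (CID) rather than by hostname. It assumes the two common HTTP gateway URL layouts, path-style `/ipfs/<CID>` and subdomain-style `<CID>.ipfs.<host>`; the hostnames, CIDs and log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# CIDv0 is base58btc ("Qm" + 44 chars); CIDv1 in base32 is "b" + 58 or more chars.
CID = r"(?:Qm[1-9A-HJ-NP-Za-km-z]{44}|b[a-z2-7]{58,})"
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
PATH_RE = re.compile(rf"^/ipfs/({CID})(?:/|$)")        # https://host/ipfs/<CID>/...
SUBDOMAIN_RE = re.compile(rf"^({CID})\.ipfs\.(.+)$")   # https://<CID>.ipfs.host/...

def find_ipfs_urls(text):
    """Return (cid, gateway_host, style, url) for each IPFS gateway URL in text."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            parts = urlsplit(url)
        except ValueError:          # malformed URL in the log line; skip it
            continue
        host = parts.hostname or ""
        m = SUBDOMAIN_RE.match(host)
        if m:
            hits.append((m.group(1), m.group(2), "subdomain", url))
            continue
        m = PATH_RE.match(parts.path)
        if m:
            hits.append((m.group(1), host, "path", url))
    return hits

def gateways_by_cid(hits):
    """Map each CID to the set of gateway hosts it was requested through."""
    seen = defaultdict(set)
    for cid, gateway, _style, _url in hits:
        seen[cid].add(gateway)
    return dict(seen)

# Constructed sample data: placeholder CIDs, .example hosts, made-up proxy log lines.
CID_V0 = "Qm" + "Y" * 44
CID_V1 = "bafy" + "b" * 55
SAMPLE_LOG = f"""\
2022-11-09T10:01:02Z GET https://gateway-a.example/ipfs/{CID_V0}/login.html 200
2022-11-09T10:03:40Z GET https://gateway-b.example/ipfs/{CID_V0}/login.html 200
2022-11-09T10:05:11Z GET https://{CID_V1}.ipfs.gateway-c.example/index.html 200
2022-11-09T10:06:00Z GET https://intranet.example/docs/ipfs/readme.txt 200
"""

if __name__ == "__main__":
    for cid, gateways in gateways_by_cid(find_ipfs_urls(SAMPLE_LOG)).items():
        flag = "MULTI-GATEWAY" if len(gateways) > 1 else "single"
        print(f"{flag:13} {cid[:12]}... via {sorted(gateways)}")
```

Because the same CID resolves through any gateway, a block on one gateway hostname leaves the content reachable through the others; the CID is the indicator that stays stable across them.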

Some parts of this report are sourced from:
thehackernews.com

Copyright © TheCyberSecurity.News, All Rights Reserved.