pezkuwichain/phishing
1
0
Fork 0
mirror of https://github.com/pezkuwichain/phishing.git synced 2026-04-23 06:08:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,532 Commits 1 Branch 0 Tags
8672f4e819b898aec6defc28bc4e127cf74d00a7
Commit Graph

6271 Commits

Author SHA1 Message Date
Github Actions 46a7e4df97 [CI Skip] release/stable 0.6.124 
skip-checks: true
 2021-05-05 12:32:34 +00:00
michalisFr 046ccc8275 Fix #299 (#300) 
Added the missing comma
 2021-05-05 14:30:30 +02:00
Github Actions 68d9d1ab9c [CI Skip] release/stable 0.6.123 
skip-checks: true
 2021-05-05 09:12:39 +00:00
ccris02 eabfaee33f Update all.json (#298) 
Adding few more scam websites
 2021-05-05 11:10:33 +02:00
Github Actions fe5c941909 [CI Skip] release/stable 0.6.122 
skip-checks: true
 2021-05-04 16:51:10 +00:00
Dan Shields fb119483a1 add multipe reported scams (#297) 
reported here, but user `@ccris02:matrix.org`
https://matrix.to/#/!FdCojkeGzZLSEoiecf:web3.foundation/$PVo4c1pXYq4D1DQeHRL6qCJJ5F0n_cgh-M1raYcm2Xk?via=matrix.parity.io&via=matrix.org&via=corepaper.org
 2021-05-04 18:49:30 +02:00
Github Actions 32de5157a4 [CI Skip] release/stable 0.6.121 
skip-checks: true
 2021-04-30 07:46:23 +00:00
Mich 8f56bebf54 Update all.json (#296) 
I have no idea what those are, but they look less than legit at best.
 2021-04-30 09:44:37 +02:00
Github Actions 94f466e672 [CI Skip] release/stable 0.6.119 
skip-checks: true
 2021-04-29 06:02:31 +00:00
michalisFr 68e8dde636 Update all.json (#293) 
Added minaprotocol[.]limited
 2021-04-29 09:00:26 +03:00
Mich 1eb1d15f71 Update all.json (#292) 
another "CEO" (as spotted by Jaco)👁
 2021-04-28 10:01:38 +02:00
Github Actions ea579c9c9b [CI Skip] release/stable 0.6.117 
skip-checks: true
 2021-04-28 06:23:23 +00:00
Mich f60108f4b1 Update all.json (#291) 
polka CEO, yeah right
 2021-04-28 08:21:14 +02:00
Github Actions c214572154 [CI Skip] release/stable 0.6.116 
skip-checks: true
 2021-04-27 09:51:01 +00:00
Mich c92c921723 Update all.json (#290) 
Add new bad URL
AFAIK PanCakeSwap is on BSC, but for some reason the scam template has polkadot as well, thus adding.
 2021-04-27 11:49:01 +02:00
Github Actions d150dc97b5 [CI Skip] release/stable 0.6.113 
skip-checks: true
 2021-04-26 16:04:27 +00:00
Mich 3ce726378c Update all.json (#286) 
add new bad url
 2021-04-26 19:02:17 +03:00
Github Actions b8095aa333 [CI Skip] release/stable 0.6.112 
skip-checks: true
 2021-04-26 09:03:40 +00:00
Mich fbb0097e47 Update all.json (#285) 
adding 6 wallet connect clones stealing mnemonic seed phrase (polkadot included)

cryptowalletconnect.com
cryptowalletconnects.org
cryptowalletconnects.penhax.com
walletconnect-sync.org
walletconnect-support.ml
walletconnect-dapp.online
 2021-04-26 11:01:46 +02:00
Github Actions bb9b76f385 [CI Skip] release/stable 0.6.111 
skip-checks: true
 2021-04-26 05:29:41 +00:00
Mich b8ee07d52e Update all.json (#284) 
One of the mysterious blockchain st cyber squat TLDs and two wallet connect clones (revoked, see
 2021-04-26 07:27:31 +02:00
Github Actions 5037992b4e [CI Skip] release/stable 0.6.106 
skip-checks: true
 2021-04-24 04:59:02 +00:00
Mich d8a92070dd Update all.json (#278) 
fresh scam registered yesterday via namecheap
 2021-04-24 06:56:54 +02:00
Github Actions e2254d08ff [CI Skip] release/stable 0.6.105 
skip-checks: true
 2021-04-22 12:03:15 +00:00
michalisFr 53450fdfdb Update all.json (#277) 
Added:
coinrau[.]com (usual, fake exchange template we've seen before)
minaprotocols[.]tech (scam token sale)
mina[.]limited (another one, offline now)
winxcrypt[.]com (scam trading site)
 2021-04-22 14:01:27 +02:00
Github Actions 1994c316f8 [CI Skip] release/stable 0.6.104 
skip-checks: true
 2021-04-21 12:15:22 +00:00
michalisFr a874ee8e5e Update all.json (#276) 
Also, parity[.]site, polkadot[.]money, polkadot[.]gg (all without content currently but scheduled for takedown by our partners)
 2021-04-21 14:13:14 +02:00
Github Actions c25d3849e1 [CI Skip] release/stable 0.6.103 
skip-checks: true
 2021-04-21 12:08:52 +00:00
michalisFr 3c14f50f43 Update all.json (#275) 
Adding wallet-connect[.]cloud (already taken down)
 2021-04-21 14:06:46 +02:00
Jaco f9038fb496 Add polkastater.link (#274) 
* Add polkastater.link

* Use matching fo category
 2021-04-21 13:25:31 +02:00
Github Actions 9aac817d02 [CI Skip] release/stable 0.6.100 
skip-checks: true
 2021-04-19 19:00:06 +00:00
Mich 8dba2e774e Update all.json (#271) 
freshly registered new bad URLs
 2021-04-19 21:57:50 +03:00
Github Actions cd97cadd9b [CI Skip] release/stable 0.6.99 
skip-checks: true
 2021-04-19 12:42:12 +00:00
Mich a74ec4ecec Update all.json (#270) 
2 bad urls
one of them targets uniswap, but also had polkadot option (site already revoked)

the other one is is the usual fake multi wallet connect protocol

also saw
MyPolkaDotWallet.com
polkadotwallet.io

No eminent danger, just cyber squatting, same vendor that wanted 200K for a domain polkadot.co (lol nice high hopes)
 2021-04-19 15:40:20 +03:00
Github Actions c811b7f5e4 [CI Skip] release/stable 0.6.98 
skip-checks: true
 2021-04-18 06:17:49 +00:00
Mich a4f529fedd Update all.json (#269) 
* Update all.json

one polka and a few wallet connect clones

* Update all.json

Co-authored-by: Jaco <jacogr@gmail.com>
 2021-04-18 08:15:49 +02:00
Dan Shields 2c5c234b9f web-unlock[dot]net (#266) 
is this redundant? as subdomains are covered? so we could remove any subdomains?
 2021-04-16 21:45:13 +03:00
Dan Shields b273c4fa92 phishing from tech support (#265) 
wallet address given to "tech support", `walletfirmware.web-unlock[dot]net/wallets.html` was given as a way to "sync" my problems away.
 2021-04-16 20:05:10 +03:00
Mich d8be393d69 Update all.json (#261) 
add new bad URL registered yesterday
 2021-04-16 07:53:28 +02:00
Mich ba00c14cc7 Update all.json (#254) 
just registered
 2021-04-13 19:19:47 +02:00
Github Actions 16a1907e77 [CI Skip] release/stable 0.6.86 
skip-checks: true
 2021-04-13 17:05:29 +00:00
michalisFr 6de10d5789 Update all.json (#252) 
Added bscpad[.]in

for https://bscpad[.]in/whitelist/polkadotwallet.html
 2021-04-13 19:03:32 +02:00
Github Actions 7db9454eb4 [CI Skip] release/stable 0.6.85 
skip-checks: true
 2021-04-13 15:24:37 +00:00
michalisFr 0ea72bf56f Update all.json (#251) 
Added 
polkadotchain[.]net
polkadotparachain[.]com
polkadottoken[.]org

from PR #243 pre-emptively
 2021-04-13 18:22:49 +03:00
Github Actions 70ac205c29 [CI Skip] release/stable 0.6.84 
skip-checks: true
 2021-04-13 06:08:32 +00:00
Mich 507dc35256 Update all.json (#243) 
I am seeing a lot of domains which I am having trouble classify.
They are all named polkadot something (gold, advanced, bank) and always come up with a blank page only with an email address.

advancedpolkadot[.]com - "info@blockchain.st"
goldpolkadot[.]com - "info@blockchain.st"
polkado[.]com -  "info@blockchain.st"
polkadotbank[.]com - "info@blockchain.st"

I would like to check with the team if this email rings any bells. 

If not I suggest to blacklist those just in case, despite them not serving bad content right now.

My suspicion is that those could be used for
- cybersquatting (re-sell domains for higher price)
- SEO reputation gains (and future advertisement placement on yahoo, duckduckgo or google leading to the fake polkadot clones showing on top)
- GeoFenced phish - serving contents only to users of a particular country.
 2021-04-13 08:06:43 +02:00
Github Actions 12096ad39d [CI Skip] release/stable 0.6.83 
skip-checks: true
 2021-04-13 05:09:12 +00:00
michalisFr 91c5f1dea0 Update all.json (#248) 
Added dot-give[.]com
 2021-04-13 07:06:39 +02:00
Mich bf968f25f1 Update all.json (#249) 
add new bad url
promoted via twitter fake impersonator profile
 2021-04-13 07:06:16 +02:00
michalisFr 9cf2d4c6df Update all.json (#247) 
Added polkagiveaway[.]com. Site is currently down but a user fell for it.

Also, oxy[.]dev which is copycat of a W3F grant recipient. The original project is oxydev.ir
 2021-04-12 13:59:17 +02:00