b273c4fa92
phishing from tech support ( #265 )
...
wallet address given to "tech support", `walletfirmware.web-unlock[dot]net/wallets.html` was given as a way to "sync" my problems away.
2021-04-16 20:05:10 +03:00
d8be393d69
Update all.json ( #261 )
...
add new bad URL registered yesterday
2021-04-16 07:53:28 +02:00
ba00c14cc7
Update all.json ( #254 )
...
just registered
2021-04-13 19:19:47 +02:00
16a1907e77
[CI Skip] release/stable 0.6.86
...
skip-checks: true
2021-04-13 17:05:29 +00:00
6de10d5789
Update all.json ( #252 )
...
Added bscpad[.]in
for https://bscpad[.]in/whitelist/polkadotwallet.html
2021-04-13 19:03:32 +02:00
7db9454eb4
[CI Skip] release/stable 0.6.85
...
skip-checks: true
2021-04-13 15:24:37 +00:00
0ea72bf56f
Update all.json ( #251 )
...
Added
polkadotchain[.]net
polkadotparachain[.]com
polkadottoken[.]org
from PR #243 pre-emptively
2021-04-13 18:22:49 +03:00
70ac205c29
[CI Skip] release/stable 0.6.84
...
skip-checks: true
2021-04-13 06:08:32 +00:00
507dc35256
Update all.json ( #243 )
...
I am seeing a lot of domains which I am having trouble classify.
They are all named polkadot something (gold, advanced, bank) and always come up with a blank page only with an email address.
advancedpolkadot[.]com - "info@blockchain.st "
goldpolkadot[.]com - "info@blockchain.st "
polkado[.]com - "info@blockchain.st "
polkadotbank[.]com - "info@blockchain.st "
I would like to check with the team if this email rings any bells.
If not I suggest to blacklist those just in case, despite them not serving bad content right now.
My suspicion is that those could be used for
- cybersquatting (re-sell domains for higher price)
- SEO reputation gains (and future advertisement placement on yahoo, duckduckgo or google leading to the fake polkadot clones showing on top)
- GeoFenced phish - serving contents only to users of a particular country.
2021-04-13 08:06:43 +02:00
12096ad39d
[CI Skip] release/stable 0.6.83
...
skip-checks: true
2021-04-13 05:09:12 +00:00
91c5f1dea0
Update all.json ( #248 )
...
Added dot-give[.]com
2021-04-13 07:06:39 +02:00
bf968f25f1
Update all.json ( #249 )
...
add new bad url
promoted via twitter fake impersonator profile
2021-04-13 07:06:16 +02:00
9cf2d4c6df
Update all.json ( #247 )
...
Added polkagiveaway[.]com. Site is currently down but a user fell for it.
Also, oxy[.]dev which is copycat of a W3F grant recipient. The original project is oxydev.ir
2021-04-12 13:59:17 +02:00
81c070aa92
[CI Skip] release/stable 0.6.81
...
skip-checks: true
2021-04-12 09:20:26 +00:00
1002a81fa1
Update all.json ( #246 )
2021-04-12 11:18:02 +02:00
d60935e4cd
[CI Skip] release/stable 0.6.77
...
skip-checks: true
2021-04-11 19:13:28 +00:00
2d0f0a7f84
Update all.json ( #237 )
...
scam is not even set up yet
relatively high confidence this is ripe for blocking, based on where it is hosted.
(many other scams on the same IP)
2021-04-11 07:44:48 +02:00
0c4b0e5f05
[CI Skip] release/stable 0.6.74
...
skip-checks: true
2021-04-09 19:05:39 +00:00
20a8921e16
Update all.json ( #236 )
...
new bad url
also dodgy: polkadot-mixer[.]to
2021-04-09 21:03:28 +02:00
3e3d63ce02
Update all.json ( #235 )
...
Scam is not set up yet but based on where it i hosted adding in advance.
2021-04-08 14:03:07 +02:00
1e8deae4e4
[CI Skip] release/stable 0.6.70
...
skip-checks: true
2021-04-08 07:10:04 +00:00
51efb16b2e
Update all.json ( #230 )
...
* Update all.json
2 more bad "polkastarter" URLs
Both share the same hoting IP via DNS A 185.104.45.68
* Update all.json
Co-authored-by: Jaco Greeff <jacogr@gmail.com >
2021-04-08 09:07:46 +02:00
51a431116b
[CI Skip] release/stable 0.6.69
...
skip-checks: true
2021-04-08 06:59:57 +00:00
b7918c5dbf
Update all.json ( #231 )
...
Found one more, adding TLD only + full FQDN and the end URL they redirect users to to steal the mnemonic seed phrase.
2021-04-08 08:57:50 +02:00
2f90d5bde4
[CI Skip] release/stable 0.6.68
...
skip-checks: true
2021-04-08 06:57:26 +00:00
3c7601959a
Add new bad URL registered yesterday ( #229 )
...
Domain: polkastarter.fund
Registrar: NameCheap, Inc.
Registered On: 2021-04-07
https://cdn.discordapp.com/attachments/807400385642889286/829465778566725662/Screenshot_2021-04-08_at_0.18.24.png
https://urlscan.io/result/7c6d1356-0331-47a4-b0f7-d3bfdf239468/
2021-04-08 08:55:21 +02:00
cd1c504b73
[CI Skip] release/stable 0.6.67
...
skip-checks: true
2021-04-07 18:28:51 +00:00
84f98782d1
Update all.json ( #228 )
...
Two more:
polkadotjs.online
polkadot-airdropevents.network
2021-04-07 21:26:39 +03:00
02a5d9e4a8
Update all.json ( #227 )
...
Another one: polkadot.casa
Some sort of investment fraud for bitcoin. I guess all bitcoin domains were taken.
2021-04-07 21:25:51 +03:00
379bb62a7b
[CI Skip] release/stable 0.6.66
...
skip-checks: true
2021-04-07 16:59:11 +00:00
25b8af2c2a
Update all.json ( #226 )
...
Added
- walletweb.net
- wallets-validation.com
- walletconnectsupport.com
- walletconnect.buzz
- kusama.fund
- polkapool.live
- mynodeswallet.online
- walletconnects.support
- walletconnect.biz
- substrate.mobi
2021-04-07 19:57:07 +03:00
762692c377
Add "Polkadoot" ( #225 )
...
Definitely a scam, asks for Bitcoin wallet when signing up but due to name, I think it makes sense to add here
2021-04-07 12:29:41 +02:00
8dc6e8d0ec
Add whitelist-network.com ( #221 )
2021-04-05 11:50:56 +02:00
58d098278b
[CI Skip] release/stable 0.6.58
...
skip-checks: true
2021-04-04 09:39:20 +00:00
35d55d3cab
Add new bad URL ( #220 )
...
Known bad TLD, new subdomain.
2021-04-04 12:37:16 +03:00
c12f5db67d
[CI Skip] release/stable 0.6.56
...
skip-checks: true
2021-04-03 05:05:44 +00:00
16aa695358
add new bad URL ( #216 )
...
registered today
2021-04-03 07:03:48 +02:00
d0f0e37552
Add new bad URL ( #213 )
...
polkadot-promo.net
advancedpolkadot[.]com - "info@blockchain.st " 💁♂️ 😕
goldpolkadot[.]com - "info@blockchain.st " 💁♂️ 😕
polkadot[.]casa/#top-widget1 - some sort of bitcoin ponzi, not related to DOT, ignoring
polkadotsevent[.]com - landing page, will monitor it
polkadot365[.]com - landing page, will monitor it
polkadotbank[.]com - "info@blockchain.st " 💁♂️ 😕
2021-04-02 15:20:11 +03:00
1b713fe3a2
[CI Skip] release/stable 0.6.53
...
skip-checks: true
2021-04-02 04:50:19 +00:00
d03f92fba2
Update addr (as detected) ( #212 )
...
* Update addr (as detected)
* Remove dupe
2021-04-02 06:48:09 +02:00
36b2176f8c
Add new bad URL ( #211 )
...
Freshly registered. Scam is not yet set up.
Bad IP hosting many other phish.
https://www.virustotal.com/gui/ip-address/198.54.126.114/relations
Based on the registrar + bad IP combo = blocking in advance, no need to wait for scam to be setup.
2021-04-02 06:47:32 +02:00
154752988b
Add new wallet connect clones ( #210 )
...
wallets-connect.net ➡ https://urlscan.io/result/e2fc43a1-a8ec-438a-a194-ee3f5bc62578/
walletbloksconnect.live ➡ https://urlscan.io/result/8eb53d9c-2a49-4a18-bde3-71580e23f215/
walletconnectbot.com ➡ https://urlscan.io/result/aadc4b34-7420-4a1b-aca1-0256bafd1c73/
xn--wlletconnect-cbb.com ➡ https://urlscan.io/result/babc8cc6-c2c6-4c10-af2d-42c0b149bb8f/
Yesterday found those but trezor and uniswap dont support dot, so only adding the fake multi wallets.
2021-04-02 07:26:05 +03:00
8547dc23d3
Added wallets-connect[.]net ( #209 )
...
Added wallets-connect[.]net
Multi-wallet phishing site
2021-04-02 07:24:51 +03:00
22a09c4532
Added 1sgexchange[.]com ( #207 )
...
1sgexchange[.]com imitating 1sg stable coin and running a giveaway for DOT on TG (claimpolkadot[.]org)
2021-04-01 15:19:18 +03:00
34fac9a0b2
[CI Skip] release/stable 0.6.51
...
skip-checks: true
2021-03-30 17:07:58 +00:00
4364013951
Add new bad url ( #206 )
...
Not necessarily polkadot phishing per se, more like rug pull / pump and dump token abusing the projects good name and image.
polkastarter.ai
Suspect bad "contract" 0x7b1Df8e80ce3F5AF35ed4B9c971916A7f62c847D
2021-03-30 20:05:58 +03:00
6fbf01c939
add new bad URL ( #204 )
...
claimpolkadot.org
Registered On:2021-03-30
2021-03-30 17:20:59 +02:00
b0ea476e1e
Update all.json ( #200 )
...
* Update all.json
* Update all.json
2021-03-30 08:41:25 +02:00
e654304c5d
[CI Skip] release/stable 0.6.46
...
skip-checks: true
2021-03-30 05:25:15 +00:00
42e36c0d92
Add new bad URL ( #201 )
...
fake "wallet" stealing polkadot (and other) mnemonic seed phrase
2021-03-30 08:23:16 +03:00
Dan Shields
