pezkuwichain/phishing
1
0
Fork 0
mirror of https://github.com/pezkuwichain/phishing.git synced 2026-04-23 06:08:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,299 Commits 1 Branch 0 Tags
d59814d01fea5714f55da170f052114d4151ce5e
Commit Graph

1299 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jaco d635818ad4 Update cron checks (#256) 2021-04-13 20:19:32 +02:00
Jaco 6ed5e885d9 Update .123trigger 2021-04-13 19:58:51 +02:00
Mich 47fee39c5a Update address.json (#255) 
related to #254 for
polkadot-gift[.]org
 2021-04-13 19:20:45 +02:00
Mich ba00c14cc7 Update all.json (#254) 
just registered
 2021-04-13 19:19:47 +02:00
Github Actions 16a1907e77 [CI Skip] release/stable 0.6.86 
skip-checks: true
 2021-04-13 17:05:29 +00:00
michalisFr 6de10d5789 Update all.json (#252) 
Added bscpad[.]in

for https://bscpad[.]in/whitelist/polkadotwallet.html
 2021-04-13 19:03:32 +02:00
Github Actions 7db9454eb4 [CI Skip] release/stable 0.6.85 
skip-checks: true
 2021-04-13 15:24:37 +00:00
michalisFr 0ea72bf56f Update all.json (#251) 
Added 
polkadotchain[.]net
polkadotparachain[.]com
polkadottoken[.]org

from PR #243 pre-emptively
 2021-04-13 18:22:49 +03:00
Github Actions 70ac205c29 [CI Skip] release/stable 0.6.84 
skip-checks: true
 2021-04-13 06:08:32 +00:00
Mich 507dc35256 Update all.json (#243) 
I am seeing a lot of domains which I am having trouble classify.
They are all named polkadot something (gold, advanced, bank) and always come up with a blank page only with an email address.

advancedpolkadot[.]com - "info@blockchain.st"
goldpolkadot[.]com - "info@blockchain.st"
polkado[.]com -  "info@blockchain.st"
polkadotbank[.]com - "info@blockchain.st"

I would like to check with the team if this email rings any bells. 

If not I suggest to blacklist those just in case, despite them not serving bad content right now.

My suspicion is that those could be used for
- cybersquatting (re-sell domains for higher price)
- SEO reputation gains (and future advertisement placement on yahoo, duckduckgo or google leading to the fake polkadot clones showing on top)
- GeoFenced phish - serving contents only to users of a particular country.
 2021-04-13 08:06:43 +02:00
Github Actions 12096ad39d [CI Skip] release/stable 0.6.83 
skip-checks: true
 2021-04-13 05:09:12 +00:00
Mich b2eb7fffb6 Update address.json (#250) 
add new bad wallet from #249
 2021-04-13 07:07:04 +02:00
michalisFr 91c5f1dea0 Update all.json (#248) 
Added dot-give[.]com
 2021-04-13 07:06:39 +02:00
Mich bf968f25f1 Update all.json (#249) 
add new bad url
promoted via twitter fake impersonator profile
 2021-04-13 07:06:16 +02:00
Github Actions 392fdb6252 [CI Skip] release/stable 0.6.82 
skip-checks: true
 2021-04-12 12:01:15 +00:00
michalisFr 9cf2d4c6df Update all.json (#247) 
Added polkagiveaway[.]com. Site is currently down but a user fell for it.

Also, oxy[.]dev which is copycat of a W3F grant recipient. The original project is oxydev.ir
 2021-04-12 13:59:17 +02:00
Github Actions 81c070aa92 [CI Skip] release/stable 0.6.81 
skip-checks: true
 2021-04-12 09:20:26 +00:00
michalisFr 4e40fe2763 Update address.json (#245) 
Added address from blockfipro[.]com, scam trading platform
 2021-04-12 11:18:18 +02:00
michalisFr 1002a81fa1 Update all.json (#246) 2021-04-12 11:18:02 +02:00
Github Actions a28926d498 [CI Skip] release/stable 0.6.80 
skip-checks: true
 2021-04-12 08:55:01 +00:00
Bill Laboon e9ee7f4bcd Change known to potential (#244) 2021-04-12 10:52:57 +02:00
Github Actions 18d1295958 [CI Skip] release/stable 0.6.79 
skip-checks: true
 2021-04-11 19:41:30 +00:00
Jaco Greeff cb256d82df Add new cron check (#242) 
* Add new cron check

* Deps bump
 2021-04-11 21:39:30 +02:00
Github Actions 0ad43b978a [CI Skip] release/stable 0.6.78 
skip-checks: true
 2021-04-11 19:17:21 +00:00
Mich faee123a57 Update all.json (#240) 
add new bad url 
polkadot-gift.info

The scammer's wallet is 15qfYtQaRHHqxxAhRX5qKh6HXeWaSaF7rLfzjLtgW27USYH1
 2021-04-11 21:15:08 +02:00
Github Actions d60935e4cd [CI Skip] release/stable 0.6.77 
skip-checks: true
 2021-04-11 19:13:28 +00:00
Mich ba95d59c7a add new bad wallet (#241) 2021-04-11 21:11:48 +02:00
Github Actions a0e1c74f7d [CI Skip] release/stable 0.6.76 
skip-checks: true
 2021-04-11 06:06:22 +00:00
Jaco Greeff d24fe7467a Additional addresses (#239) 2021-04-11 08:04:09 +02:00
Github Actions 168cd119c1 [CI Skip] release/stable 0.6.75 
skip-checks: true
 2021-04-11 05:46:37 +00:00
Mich 2d0f0a7f84 Update all.json (#237) 
scam is not even set up yet
relatively high confidence this is ripe for blocking, based on where it is hosted.
(many other scams on the same IP)
 2021-04-11 07:44:48 +02:00
Github Actions 0c4b0e5f05 [CI Skip] release/stable 0.6.74 
skip-checks: true
 2021-04-09 19:05:39 +00:00
Mich 20a8921e16 Update all.json (#236) 
new bad url
also dodgy: polkadot-mixer[.]to
 2021-04-09 21:03:28 +02:00
Github Actions c8e55588a3 [CI Skip] release/stable 0.6.73 
skip-checks: true
 2021-04-08 12:05:13 +00:00
Mich 3e3d63ce02 Update all.json (#235) 
Scam is not set up yet but based on where it i hosted adding in advance.
 2021-04-08 14:03:07 +02:00
Github Actions d331cfa0a6 [CI Skip] release/stable 0.6.72 
skip-checks: true
 2021-04-08 08:31:51 +00:00
Jaco Greeff 276dc24803 Bump deps (#234) 2021-04-08 10:29:29 +02:00
Github Actions 23ee824f1d [CI Skip] release/stable 0.6.71 
skip-checks: true
 2021-04-08 07:40:45 +00:00
Jaco Greeff b81f754e21 Dedupe list, don't fail build (#233) 
* Dedupe list, don't fail build

* Erk, reduce

* Cleanups
 2021-04-08 09:38:48 +02:00
Github Actions 1e8deae4e4 [CI Skip] release/stable 0.6.70 
skip-checks: true
 2021-04-08 07:10:04 +00:00
Mich 51efb16b2e Update all.json (#230) 
* Update all.json

2 more bad "polkastarter" URLs
Both share the same hoting IP via DNS A 185.104.45.68

* Update all.json

Co-authored-by: Jaco Greeff <jacogr@gmail.com>
 2021-04-08 09:07:46 +02:00
Github Actions 51a431116b [CI Skip] release/stable 0.6.69 
skip-checks: true
 2021-04-08 06:59:57 +00:00
Mich b7918c5dbf Update all.json (#231) 
Found one more, adding TLD only + full FQDN and the end URL they redirect users to to steal the mnemonic seed phrase.
 2021-04-08 08:57:50 +02:00
Github Actions 2f90d5bde4 [CI Skip] release/stable 0.6.68 
skip-checks: true
 2021-04-08 06:57:26 +00:00
Mich 3c7601959a Add new bad URL registered yesterday (#229) 
Domain: polkastarter.fund
Registrar: NameCheap, Inc.
Registered On: 2021-04-07

https://cdn.discordapp.com/attachments/807400385642889286/829465778566725662/Screenshot_2021-04-08_at_0.18.24.png
https://urlscan.io/result/7c6d1356-0331-47a4-b0f7-d3bfdf239468/
 2021-04-08 08:55:21 +02:00
Github Actions cd1c504b73 [CI Skip] release/stable 0.6.67 
skip-checks: true
 2021-04-07 18:28:51 +00:00
michalisFr 84f98782d1 Update all.json (#228) 
Two more:
polkadotjs.online
polkadot-airdropevents.network
 2021-04-07 21:26:39 +03:00
michalisFr 02a5d9e4a8 Update all.json (#227) 
Another one: polkadot.casa

Some sort of investment fraud for bitcoin. I guess all bitcoin domains were taken.
 2021-04-07 21:25:51 +03:00
Github Actions 379bb62a7b [CI Skip] release/stable 0.6.66 
skip-checks: true
 2021-04-07 16:59:11 +00:00
michalisFr 25b8af2c2a Update all.json (#226) 
Added 
- walletweb.net 
- wallets-validation.com
- walletconnectsupport.com
- walletconnect.buzz
- kusama.fund
- polkapool.live
- mynodeswallet.online
- walletconnects.support
- walletconnect.biz
- substrate.mobi
 2021-04-07 19:57:07 +03:00