DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Everything old is new again… or did it just never stop? (1)

Posted on March 21, 2023 by Dissent

In June 2022, Christopher Cook reached out to IPFS:

Hi @IPFS if someone sends a phishing email with an link to IPSF.io (sic) is that something that needs to be reported to your abuse team? If so, this is their link which is phishing for cpanel logins https://ipfs.io/ipfs/QmatpCGs1h4jCwAWcbUEFMMLrLjYi1Po3o29JWcCVxfszx

— Christopher Cook (@webprofusion) June 7, 2022

That link is now gone, but at the time, @[email protected] replied to Cook:

Thanks for reporting this 🙏🏼 I’ve passed it along. Yes, you can email [email protected] with anything like this.

— @[email protected] (@dietrich) June 14, 2022

Months later, @CEOemail commented:

ipfs abuse is becoming a big problem.

Why aren’t you doing proper due diligence on potential customers *before* allowing them to use your platform?

— CEOemail ✉ – Marcus Williamson (@CEOemail) October 14, 2022

There was no reply to that.

Today, DataBreaches received an email addressed to the administrator account.   The content was typical of phishing attempts in that it threatened a cutoff date for email services and provided a link to click to verify my identity in case they had made a mistake.

Somewhat amusingly, the “From” line in the email showed the sender as “Admin”<[email protected]>.

But if clicked, the validation link would have taken me to a url on IPFS.io. The url did not point to the exact same url that Cook reported last June, but the url pointed to the same directory as Cook had reported: https://ipfs.io/ipfs/

DataBreaches has sent an email to [email protected]:

Hi. I know IPFS was made aware of this security issue last June (a
thread on Twitter confirms that), but your domain appears to still be
used for phishing attacks. See forward below and attached for
screencap of email body.

The phishing link points to:
https://ipfs.io/ipfs/[redacted]

And please explain to me why the threat actors are still able to
misuse your domain.

Thank you.

DataBreaches awaits their reply.

Update March 22. IPFS.io has not replied, and two more phishing attempts have been received. These appear to be from DocuSign:

Phishing attempt appears to be from DocuSign but redirects to an IPFS.io link.

Category: Breach Incidents

Post navigation

← BreachForums down, and will not be back
Has Oakland been hit with a second ransomware attack? (1) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.