DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Everything old is new again… or did it just never stop? (1)

Posted on March 21, 2023 by Dissent

In June 2022, Christopher Cook reached out to IPFS:

Hi @IPFS if someone sends a phishing email with an link to IPSF.io (sic) is that something that needs to be reported to your abuse team? If so, this is their link which is phishing for cpanel logins https://ipfs.io/ipfs/QmatpCGs1h4jCwAWcbUEFMMLrLjYi1Po3o29JWcCVxfszx

— Christopher Cook (@webprofusion) June 7, 2022

That link is now gone, but at the time, @[email protected] replied to Cook:

Thanks for reporting this 🙏🏼 I’ve passed it along. Yes, you can email [email protected] with anything like this.

— @[email protected] (@dietrich) June 14, 2022

Months later, @CEOemail commented:

ipfs abuse is becoming a big problem.

Why aren’t you doing proper due diligence on potential customers *before* allowing them to use your platform?

— CEOemail ✉ – Marcus Williamson (@CEOemail) October 14, 2022

There was no reply to that.

Today, DataBreaches received an email addressed to the administrator account.   The content was typical of phishing attempts in that it threatened a cutoff date for email services and provided a link to click to verify my identity in case they had made a mistake.

Somewhat amusingly, the “From” line in the email showed the sender as “Admin”<[email protected]>.

But if clicked, the validation link would have taken me to a url on IPFS.io. The url did not point to the exact same url that Cook reported last June, but the url pointed to the same directory as Cook had reported: https://ipfs.io/ipfs/

DataBreaches has sent an email to [email protected]:

Hi. I know IPFS was made aware of this security issue last June (a
thread on Twitter confirms that), but your domain appears to still be
used for phishing attacks. See forward below and attached for
screencap of email body.

The phishing link points to:
https://ipfs.io/ipfs/[redacted]

And please explain to me why the threat actors are still able to
misuse your domain.

Thank you.

DataBreaches awaits their reply.

Update March 22. IPFS.io has not replied, and two more phishing attempts have been received. These appear to be from DocuSign:

Phishing attempt appears to be from DocuSign but redirects to an IPFS.io link.

Category: Breach Incidents

Post navigation

← BreachForums down, and will not be back
Has Oakland been hit with a second ransomware attack? (1) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (1)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.