Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
OpenDNS Security Labs has discovered 100 fake bitcoin and blockchain domains that mimic legitimate bitcoin wallets in an attempt to steal credentials.
The domains share a provider with three different names that has used the IP space to sell pornography, false merchandise and phishing sites. The sites, most of which were registered on May 26, continue to pop up, indicating the campaign continues, according to Threatpost.
Researchers Trace Connections
OpenDNS Security Labs researchers Dhia Majoub, Artsiom Holub and Jeremiah O’Connor were able to trace connections among name servers, IP addresses and Whois indicators over the past few weeks to determine the campaign’s scope.
An Israeli cloud-based security firm, Cyren, initially came across the campaign in early June by observing the Blockchain.info domain spreading through a pay-per-click advertising scam by Google AdWords. A user tricked into visiting the site and logging in would hand their Blockchain credentials to the attackers.
OpenDNS noticed a