Title: Fake Tornado Cash website Post by: Yaunfitda on January 12, 2021, 12:09:28 PM Tornado cash - https://tornado.cash/, "a non-custodial Ethereum and ERC20 privacy solution based on zkSNARKs. It improves transaction privacy by breaking the on-chain link between the recipient and destination addresses", is now being clone as well by cyber actors.
The fake website: Code: https://tornadocash.org/ https://i.imgur.com/4B3krZ6.png Archived: https://archive.is/zYvKT Quote Registrant Org WhoisGuard, Inc. Registrant Country pa Registrar NameCheap, Inc. IANA ID: 1068 URL: http://www.namecheap.com Whois Server: whois.namecheap.com (p) Registrar Status serverTransferProhibited Dates 37 days old Created on 2020-12-06 Expires on 2021-12-06 Updated on 2020-12-06 IP Address 104.31.77.95 - -1 other site is hosted on this server The real website is: https://app.tornado.cash/. And this is how it looks: https://i.imgur.com/cpEatGK.png Almost the same and it's hard to distinguished initially. This is the official github repo: https://github.com/tornadocash/tornado-core Title: Re: Fake Tornado Cash website Post by: erikoy on January 12, 2021, 12:31:35 PM Reasons for the increase in Phishing Activities Probably this method of phishing was true about a certain program which is sold in the black market that can make a sophisticated phishing site. Reported phishing site here in the forum are only just few of the phishing sites that has been probably made. There could be more of it and we need to be vigilant always not to get compromise with our digital currency funds. The best way to avoid is to always check the correct link and bookmark it once visited to get easy access in the next visit. Universal man-in-the-middle phishing kit - A tool that could create a sophisticated phishing site which is sold in underground market for about 1000$. According to RSA security that the kit could allow access to almost any web sites to be configured for phishing. It added that using the kit the researchers were able to create a fraudulent URL via a simple and user friendly user interface to which hacker novice can create a sophisticated phishing attack. https://i.imgur.com/Tppd8CW.png Other than that educate one self about phishing is the key to prevent from getting scam in this kind of activity. |