Blockstack uses Man-in-the-Middle Counter Assault against Phishing Sites

Scammers in anticipation of successfully luring a category of investors of a company called Blockstack, which withdrew the free fall investors were enjoying from token sale of shares, now intended for qualified investors solely, grabbed the opportunity to create phishing websites that were replicas of blockstack.com. Naturally, these spoofed websites had to be hosted on certain Blockstack regulated server that supported the real website's most popular banner with the company's tweets.

The phishing websites being hosted on Blockstack's server helped the company deregulate the websites via what turned out to be its man-in-the-middle (MITM) counter assault. The MITM assault involves data which somebody alters on some trustworthy portal, the person successfully placing himself between some website reader and certain publisher. In an instance like this, somebody can set up one WiFi hotspot which modifies web-pages prior to their being accessed on an end-user's Web-browser.

The MITM assault by Blockstack, however, helped for good because the company placed itself between its own inputs on twitter.com and the phishing sites. Such a simple solution by Blockstack developers relied on a backdoor created for entering the banner for cautioning investors who possibly would've lost their capital because the websites weren't genuine. Quant Coin posted this, November 30, 2017.

Within an e-mail to CoinDesk, Muneeb Ali, co-founder of Blockstack elaborated that the company's particular server looked for Twitter feeds which it formatted to suit blockstack.com. He added that any request traffic, which actually wasn't from www.blockstack.com, the company exhibited for it the message "THIS IS A PHISHING SITE" in place of the twitter message.

Blockstack told CoinDesk the names of 2 separate URLs the phishers used. Another co-founder Ryan Shea informed CoinDesk that the company encountered a few phishing websites which floated onto the Web and which typically attempted at drawing traffic towards them, against which Blockstack adopted additional safeguards.

Blockstack's ICO happened to be a most attractive token sale among the many of 2017. Scammers exploited it with the publicity used for creating web-links to fake sites touted and distributed across social media. Worryingly, even with the token sale at Blockstack almost concluding a phishing site continues to function.

» SPAMfighter News - 12/7/2017