It is time that the Hive community tries to mitigate this issue on its own.

Potential solution: use a plug-and-play universal script (or a modified copy of it) that all Hive frontends can integrate to block phishing links in a timely manner. As soon as a phishing campaign starts on Hive and the attacker's domain is spotted and added to a blacklist API (eg. ), the universal script would immediately block the attack in all Hive frontends and at the same time leave the user experience unaffected.

As a matter of fact, this is what I worked on in the past few days.

Here is the universal script for all Hive frontends:

Here is a demo website with my script in action:

NOTE: the demo page will not be sanitized by my universal script until you: 1. navigate to and click on the "Request temporary access" button, 2.

I have proved my universal script working on: (see screenshots down below)

It would be great if each Hive frontend maintainer could review it and adapt it to their needs (if they need to; I tested this script in all major Hive frontends already and it did not seem to have unwanted side effects). I highly recommend though that the integration is thoroughly regression tested before it's used in production.

AnonRamblings DTube Engage Engrave Hive-db Hive-Engine Hiveblockexplorer Hiveblocks HiveEngine Quello + other project maintainers (apologies for the mass tag).

I believe that blocking phishing campaigns in a unified way in all frontends is possible despite the different tech stacks in use. It does not matter which framework the website maintainer used to develop their website (eg. ReactJS, AngularJS, VueJS, jQuery, vanilla JS, etc). Using JS global overrides it is possible to prevent users from falling victim to phishing. The script uses the native APIs offered by all browsers in order to immediately block phishing links and images in all Hive frontends as soon as they are discovered and published into the blacklist.

Any known phishing link in the UI will be red and struck through. Furthermore, if you click on a known phishing link you'll see an alert telling you that it's phishing, and it won't allow you to navigate to the phishing domain from the Hive frontend.

Any image that is marked as a phishing attempt (eg. an image with some text saying "claim your $1000 in tokens at ") will not be displayed in any frontend that uses my script (or a variant of it) as soon as its URL is published into the public blacklist.

More details will follow towards the end of the post to list all the native features of the browser that are hardened by my script in order to prevent phishing (ie. iframes, scripts, window.open, XHR requests, the Fetch API).

Usage: How difficult is it to try out my universal script in your Hive-powered website?

Integrating this script is very straightforward. In order to integrate it, simply add a script tag to the head section of your index.html page. If a request is failing because of CORS, use for your tests (it's already there, commented out, in my script). Update your Content Security Policy if necessary to allow your website to load my script from GitHub and to allow the request to the blacklist API to go through.

It is highly recommended that you host your own version of this script for your production website. It is clearly not a good idea to rely on my GitHub as it's a single point of failure. For example, what if my GitHub account gets compromised? If all Hive frontends point to my script they would all be affected!

And now:

Overview of protected features on various Hive Frontends

window.location (calls of the form (url) and assignments to it): not covered. The window.location object cannot be overridden from script (its members are unforgeable), therefore if you use that approach to open external links, please consider switching to window.open so that my script will protect your user base from known phishing domains.

Instead of just using a list of known phishing domains, the blacklist could be restructured to something similar to what I'm currently using for my own blacklist (merged with the existing one). Instead of just using a list of links, I use an array of objects and each object has the following properties:

"regex": used to match a known phishing domain.
"fullLink": full link to the homepage of the phishing site.
"threatType": PHISHING or COMPROMISED_DOMAIN. I used the latter in the past when I found a critical vulnerability in a Hive website, and only until it got patched. This attribute is also used in auto-replies to phishing comments to categorize threats.
"infoBlog": link to an article that warns against the phishing campaign in progress. This is already used in auto-replies, and if none is provided it defaults to an intro post.
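As an added example (this is not the author's universal script, nor code from any Hive frontend), here is a minimal, Node-runnable version of the two ideas above: the blacklist as an array of objects with regex, fullLink, threatType and infoBlog, and global overrides of window.open, fetch and XMLHttpRequest.open that refuse any URL matching a blacklist entry. The sample entries, the .example domains, the hypothetical infoBlog link, the onBlock callback and the fake window object are all constructed for the demo.

```javascript
// Added example (not the author's universal script): a small, self-contained
// version of the "global overrides" approach. The blacklist shape
// (regex / fullLink / threatType / infoBlog) follows the post; the entries,
// the .example domains, the onBlock callback and the fake window are
// constructed for this demo and are not real phishing data.

const SAMPLE_BLACKLIST = [
  {
    regex: "^https?://([^/]+\\.)?hive-wallet-claim\\.example(/|$)",
    fullLink: "https://hive-wallet-claim.example/",
    threatType: "PHISHING",
    infoBlog: "https://hive.blog/@alice/phishing-warning", // hypothetical article
  },
  {
    regex: "^https?://([^/]+\\.)?compromised-site\\.example(/|$)",
    fullLink: "https://compromised-site.example/",
    threatType: "COMPROMISED_DOMAIN",
    infoBlog: "", // none yet; the post says auto-replies then fall back to an intro post
  },
];

// Compile the pattern strings once. A malformed pattern coming from the
// blacklist API is skipped instead of taking the whole guard down.
function compileBlacklist(entries) {
  const compiled = [];
  for (const entry of entries) {
    try {
      compiled.push({ ...entry, matcher: new RegExp(entry.regex, "i") });
    } catch (_) {
      // bad regex: drop this entry, keep the rest
    }
  }
  return compiled;
}

// Resolve the candidate against the page URL first, so a relative or
// protocol-relative URL ("//hive-wallet-claim.example/x") is checked in its
// absolute, normalised form. Returns the matching entry, or null if clean.
function findThreat(candidate, compiled, baseHref) {
  let href;
  try {
    href = new URL(String(candidate), baseHref).href;
  } catch (_) {
    return null; // unparsable: let the native API raise its own error
  }
  return compiled.find((e) => e.matcher.test(href)) || null;
}

// Wrap the navigation and request primitives on `win` (window in a browser).
// onBlock(entry, url) is where a frontend would show the alert / infoBlog.
// Not covered, by design of the platform: assignments to window.location,
// whose members are unforgeable and cannot be wrapped from script. That is
// why the post asks frontends to open external links with window.open.
function installGuards(win, entries, onBlock) {
  const compiled = compileBlacklist(entries);
  const base = () => win.location.href;
  const nativeOpen = win.open;
  const nativeFetch = win.fetch;
  const XHR = win.XMLHttpRequest;
  const nativeXhrOpen = XHR.prototype.open;

  win.open = function (url, ...rest) {
    const hit = findThreat(url, compiled, base());
    if (hit) { onBlock(hit, String(url)); return null; }
    return nativeOpen.call(this, url, ...rest);
  };

  win.fetch = function (input, ...rest) {
    // fetch accepts a string, a URL or a Request; Request carries .url
    const url = input && typeof input === "object" && "url" in input ? input.url : input;
    const hit = findThreat(url, compiled, base());
    if (hit) {
      onBlock(hit, String(url));
      return Promise.reject(new TypeError("blocked: " + hit.threatType));
    }
    return nativeFetch.call(this, input, ...rest);
  };

  XHR.prototype.open = function (method, url, ...rest) {
    const hit = findThreat(url, compiled, base());
    if (hit) { onBlock(hit, String(url)); throw new TypeError("blocked: " + hit.threatType); }
    return nativeXhrOpen.call(this, method, url, ...rest);
  };

  return compiled;
}

// Constructed stand-in for a browser window so the demo runs under Node.
function makeFakeWindow() {
  const calls = { open: [], fetch: [], xhr: [] };
  const win = {
    location: { href: "https://frontend.example/@bob/some-post" },
    open(url) { calls.open.push(String(url)); return {}; },
    fetch(input) { calls.fetch.push(String(input)); return Promise.resolve({ ok: true }); },
    XMLHttpRequest: class { open(method, url) { calls.xhr.push(method + " " + url); } },
  };
  return { win, calls };
}

function demo() {
  const { win, calls } = makeFakeWindow();
  const blocked = [];
  installGuards(win, SAMPLE_BLACKLIST, (hit, url) => blocked.push({ url, threatType: hit.threatType }));

  win.open("https://hive.blog/@bob");                                // allowed
  win.open("http://login.hive-wallet-claim.example/claim");          // blocked (subdomain)
  win.fetch("https://compromised-site.example/api").catch(() => {}); // blocked
  try { new win.XMLHttpRequest().open("GET", "//hive-wallet-claim.example/"); } catch (_) {} // blocked
  new win.XMLHttpRequest().open("GET", "/api/ok");                   // allowed: resolves to the frontend itself

  return { blocked, calls };
}

console.log(JSON.stringify(demo(), null, 2));
```

Two design points worth keeping when adapting this: match on the resolved absolute URL rather than the raw string, otherwise relative and protocol-relative links bypass the check, and anchor each regex at the start of the URL so a blacklisted domain appearing in a query string does not produce a false positive. Patterns pulled from a remote blacklist are effectively trusted code, so the source of that API matters as much as the script itself.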