Intel Name: Wdomains spoofing deribit cryptocurrency trading platform
Date of Scan: September 26, 2024
Impact: Medium
Summary: We have been tracking scam campaigns that impersonate various cryptocurrency trading platforms. These campaigns utilize domain names that closely resemble the targeted brands. The following domains all mimic deribit[.]com and share similar hosting setups. However, the hosting infrastructure for these malicious domains is clearly distinct from that of the legitimate Deribit platform. They employ both Cloudflare and non-Cloudflare IP addresses and frequently switch between different hosting locations.