Wdomains spoofing deribit cryptocurrency trading platform

Intel Name: Wdomains spoofing deribit cryptocurrency trading platform

Date of Scan: September 26, 2024

Impact: Medium

Summary:
We have been tracking scam campaigns that impersonate various cryptocurrency trading platforms. These campaigns utilize domain names that closely resemble the targeted brands. The following domains all mimic deribit[.]com and share similar hosting setups. However, the hosting infrastructure for these malicious domains is clearly distinct from that of the legitimate Deribit platform. They employ both Cloudflare and non-Cloudflare IP addresses and frequently switch between different hosting locations.

More Details