[PSA] DeepDot Onion Phishing Links

this is a self post, upvote for visibility

Yesterday there was a topic posted regarding a fake Grams Flow URL which linked to a phishing clone of Agora. /u/gramsadmin and I played this down as an attempt to dirty the name of Grams; however, it may have been that they got the URL from Deepdot, as 2 other posts have been added regarding similar things happening.

There seem to be malicious exit nodes redirecting to phishing sites from the links placed on Deepdot, or it may even be that there is a clone of Deepdot filled with these links.

Make sure you cross-examine all onion URLs if you don't wish to have your accounts hacked or coins stolen. You shouldn't really trust even the sub, as the list could be edited maliciously. You're best keeping a stored list of correct links to prevent this from happening.
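
One way to do the cross-check the post recommends, as an added example that is not part of the original post: compare a link against a locally stored list and flag addresses that only imitate the start of a known one. The pinned addresses are constructed placeholders, and `min_prefix=5` is an assumed threshold.

```python
import re
from urllib.parse import urlsplit

# Constructed sample list; these addresses are made up, not real services.
PINNED = {
    "pinnedmarketaaa2.onion": "Sample Market",
    "samplesearchbbb3.onion": "Sample Search",
}
# v2 addresses are 16 base32 characters, v3 are 56 (alphabet a-z and 2-7).
ONION_RE = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})\.onion$")

def onion_host(url):
    """Return the lowercased <address>.onion part of a URL, or None."""
    if "://" not in url:
        url = "http://" + url
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return None
    candidate = ".".join(host.split(".")[-2:])  # drop any subdomain labels
    return candidate if ONION_RE.match(candidate) else None

def shared_prefix(a, b):
    """Number of leading characters two strings have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def check_link(url, pinned=PINNED, min_prefix=5):
    """Classify a link as match, lookalike, unknown or invalid."""
    host = onion_host(url)
    if host is None:
        return ("invalid", None)
    if host in pinned:
        return ("match", pinned[host])
    # Assumption: a clone imitates the leading characters of the real address.
    best = max(pinned, key=lambda good: shared_prefix(host, good), default=None)
    if best and shared_prefix(host, best) >= min_prefix:
        return ("lookalike", pinned[best])
    return ("unknown", None)
```

Only a `match` result means the address is exactly the one stored locally; `lookalike` and `unknown` both mean the link did not come from the pinned list.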


Comments


[4 Points] deezyyyy:

Not trying to be THAT GUY, but does anybody know who owns deepdot? How do we know 100% for sure they are not serving up malicious links on random page requests? Also, another idea for deepdot: why don't they force an HTTPS / SSL connection? SSL data is encrypted and Tor exit nodes cannot alter it as far as I know.


[2 Points] gramsadmin:

Can anyone replicate this?


[1 Points] deepdot:

Kinda skeptical about these reports until someone provides something we can replicate. Out of the MANY millions of visitors we had, I'd assume we'd get some reliable detail once in a while, like we are getting with other unrelated issues when they happen, on a regular basis.

I've been trying to replicate those for almost two years with no success. I urge anyone who is able to come across such an issue to contact me with the exit node IP.

Until then, I consider this FUD or some local infection.

About SSL - it's being stripped by malicious nodes, happened many times.

Edit: fucking automod


[1 Points] None:

You're lying. You do wanna be THAT GUY.

