CyberWisdom Safe Harbor Commentary on Reddit Clone
HEADSUP: People should be cautioned on information security at @Reddit. (Phishing?) The domain reddit (.) Uses the Columbia TLD website together – is a perfect visual Reddit for MITM.
Share this with Reddit users.
Reddit clone site
Security researcher Alex Muffett sounded the alarm on Sunday instead of noticing the Reddit team and was still waiting for Google’s secure browser to mark the site as malicious.
The fake website home page looks very much like Reddit, although clicking any non-Reddit photo or video post will return the HTTP ERROR 500 page.
As the author is writing this, the site is still up.
People behind fake websites also get SSL certificates so that users can see HTTPS and trust them on the “secure” site for encrypted connections:
As I was writing this, the site is still there.
Bigger problem on Reddit clone
“Do not misunderstand, this is a valid scam,” said Azeem Aleem, RSA’s director of advanced cyber-defense practices for Europe, the Middle East, and Africa.
“They spent a lot of time and effort creating a very realistic website and even displaying a secure SSL certificate in a browser window, which is well designed and enforced, underlining the real dangers of modern spoofing attacks. It is troubling that these complex scams collect personal information, but what is even more worrisome is that these stolen data will be used to steal information because the stolen credentials are used to undermine the victims’ other accounts, and to friends, colleagues And family complex phishing attacks. ”
He pointed out that time is of the essence for Reddit, and companies need to warn users about the site.
“It’s not just websites like Reddit.co – last year, more than 14,000 certificates were used to set up phishing sites that cheated PayPal, which shows the power of the cybercriminals to padlock them to deceive unsuspecting victims The case is credible and undermines the brand’s reputation via the Internet, “said Kevin Bocek, chief cybersecurity officer at Venafi.
“This attack is part of a bigger problem that harms the trust system used throughout the internet and explains why there is a need to build a new trust system based on reputation.The answer is a certificate credit rating to help people know What is trustworthy. ”
“This site was previously hosted by Porno, which is not a real Reddit-owned domain, was issued by Comodo, and genuine Reddit uses DigiCert-produced certificates, all of which were rated as long ago by Reddit as being flagged for repair Things, “he explained.
“Free certificates provide very little validation, but users think they are sacred. If people can not believe the websites they visit are real, our digital world may start to crash.” Now the corporate security team needs to take action because no one else will protect you from bad guys. ”
A convincing clone of the popular social news aggregation and discussion
site Reddit has been spotted on the reddit.co domain. The author is obviously counting on users not to spot it for what it is: a site meant to harvest users’ username and password. HEADSUP: Looking for infosec people at @Reddit. Website at (phishing?) domain reddit(.)co — using the Colombian TLD — was acting a pitch-perfect apparent MITM of the actual Reddit. Now returning 500 More → Engaging post, Read More…
thumbnail courtesy of helpnetsecurity.com
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post »