- Security Alliance released a tool to help security researchers verify crypto phishing attacks.
- Over $400 million in crypto was stolen through phishing attacks in the first half of the year.
- The system uses cryptographic techniques to confirm that phishing websites show malicious content to users.
- Researchers can submit verifiable, cryptographically signed reports of phishing attempts.
- The tool is designed for experienced users and aims to overcome cloaking techniques used by scammers.
Security Alliance, a nonprofit focused on Cybersecurity, launched a new tool this week to help security researchers confirm cryptocurrency phishing attacks. The release comes after crypto phishing led to more than $400 million in losses in the first six months of this year.
In an announcement on Monday, the organization said the tool enables advanced users and researchers to verify if a reported phishing website is truly malicious. According to Security Alliance (SEAL), scammers often use “cloaking features” that show harmless content to web scanners but display harmful content to real users.
The tool, named “TLS Attestations and Verifiable Phishing Reports,” allows security researchers to see what actual users experience on suspicious websites. SEAL told Cointelegraph, “It’s intended to be a tool to help experienced ‘good guys’ work better together, rather than the average user.” SEAL added, “What we needed was a way to see what the user was seeing. After all, if someone claims that a URL was serving malicious content, we can’t just take their word for it.”
The system operates by having a trusted server act as a cryptographic oracle during the establishment of a TLS (Transport Layer Security) connection. TLS is a protocol that protects data exchanged over networks by encrypting it, preventing data theft or tampering. Users or researchers run a local proxy that captures details of their connection and sends them to the attestation server, which manages the encryption and decryption parts, while the user handles the network link directly.
Researchers can then submit “Verifiable Phishing Reports,” which are cryptographically signed and can prove precisely what content was displayed by a website. This approach allows Security Alliance to confirm the presence of phishing material without direct access to dangerous sites, making it harder for attackers to conceal their fraudulent content. For those interested, SEAL has published technical details and access to the tool on its GitHub download page.
SEAL clarified that the tool is intended for advanced users and security professionals only.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Nvidia CEO Delivers DGX Spark Supercomputer to Elon Musk at Starbase
- China Renaissance Eyes $600M BNB Fund as Asia Shifts Crypto Focus
- Presearch Launches Discover More Campaign to Revolutionize Web Search
- Bitcoin Suffers Record $11B Futures Liquidation After Trump Tariffs
- Steak ‘n Shake Rejects Ethereum, Sticks With Bitcoin Payments
