The nonprofit Security Alliance has introduced a new tool to help security researchers validate crypto phishing attacks, which resulted in over $400 million being stolen in the first half of the year.
On Monday, the Security Alliance (SEAL) announced that it developed a tool for “advanced users and security researchers” to combat crypto phishing by confirming whether a reported phishing site is indeed malicious.
Cybersecurity researchers often lack clear visibility into what users experience when they encounter potentially harmful links, as scammers utilize “cloaking features” to deliver benign content to suspected web scanners, they noted.
The new tool, known as the “TLS Attestations and Verifiable Phishing Reports” system, is designed to assist security researchers by validating that the malicious website indeed contains the phishing content claimed by the user.
“It’s meant to be a resource to help experienced ‘good guys’ collaborate more effectively, rather than the average user,” SEAL explained to Cointelegraph.
“What we needed was a way to see what the user was seeing. After all, if someone claims that a URL was serving malicious content, we can’t just take their word for it.”
How SEAL’s verifiable phishing reports function
The system operates with a trusted attestation server serving as a cryptographic oracle during the TLS connection.
Transport Layer Security (TLS) is a protocol for secure communication across a computer network, encrypting data to safeguard it from eavesdropping and tampering.
The user or researcher sets up a local HTTP proxy that intercepts connections, records connection details, and sends them to the attestation server. The server manages all encryption/decryption tasks while the user retains the actual network connection.
Verifiable Phishing Reports
Users can submit “Verifiable Phishing Reports,” which are cryptographically signed proofs detailing exactly what content a website has delivered to them.
SEAL can then confirm the legitimacy of these reports without needing to access the phishing sites themselves, making it significantly more challenging for attackers to conceal their harmful content.
“This is a tool meant for advanced users and security researchers ONLY,” SEAL stated on the GitHub download page.
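A minimal model of the flow described above, as an added example that is not SEAL's code: the report fields, all class and function names, the toy record cipher and the HMAC standing in for a signature are assumptions chosen to stay within the Python standard library. It shows why a user who carries the traffic but holds no keys cannot change what gets attested.

```python
import hashlib, hmac, json, os
def _stream(key: bytes, n: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode); a stand-in for real TLS record protection.
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal_record(key: bytes, plaintext: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, len(plaintext))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()  # encrypt-then-MAC, one record per key

def open_record(key: bytes, record: bytes) -> bytes:
    ct, tag = record[:-32], record[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("record authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, len(ct))))

class AttestationServer:
    def __init__(self):
        self.session_key = os.urandom(32)  # shared with the site only, never with the user
        self._attest_key = os.urandom(32)  # HMAC key standing in for the signing key

    def _tag(self, report: dict) -> str:
        msg = json.dumps([report.get("url"), report.get("body_sha256")]).encode()
        return hmac.new(self._attest_key, msg, hashlib.sha256).hexdigest()

    def attest(self, url: str, record: bytes) -> dict:
        body = open_record(self.session_key, record)  # the proxy relays it; only the server opens it
        report = {"url": url, "body_sha256": hashlib.sha256(body).hexdigest()}
        return {**report, "sig": self._tag(report)}

    def verify(self, report: dict) -> bool:
        return hmac.compare_digest(str(report.get("sig", "")), self._tag(report))

def demo():
    server = AttestationServer()
    url = "https://phish.example/claim"              # constructed sample
    page = b"<html>Connect wallet to claim</html>"   # constructed sample
    record = seal_record(server.session_key, page)   # what the site puts on the wire
    report = server.attest(url, record)
    forged = dict(report, body_sha256=hashlib.sha256(b"benign").hexdigest())
    try:
        server.attest(url, bytes([record[0] ^ 1]) + record[1:])  # user edits bytes in transit
        relay_tamper_accepted = True
    except ValueError:
        relay_tamper_accepted = False
    return server.verify(report), server.verify(forged), relay_tamper_accepted

if __name__ == "__main__":
    print(demo())
```

The honest report verifies, while a report whose content hash was edited after the fact and a record altered on the user's side of the connection are both rejected.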