Phishing Analysis: Platform.co.uk

Captura Visual

Screenshot of bafkreietmq2owe4mmr4olp44ogax3zu5zxvomkq5cawnxu5vivaa7tzabq.ipfs.dweb.link

Información de Detección

https://bafkreietmq2owe4mmr4olp44ogax3zu5zxvomkq5cawnxu5vivaa7tzabq.ipfs.dweb.link/?V2J7Q8KXN=XJ2K5N9PVLYnJpZGdldC5maXR6Z2VyYWxkQHBsYXRmb3JtLmNvLnVrBV9X2J7PKL

Detected Brand

Platform.co.uk

Country

UK

Confidence

95%

HTTP Status

200

Report ID

1df9456d-926…

Analyzed

2026-02-27 06:24

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T123413230A028A8631292C6D877E12B1B35D6C30ACF526B0563FC939967FAD09ED29498
CONTENT ssdeep	24:niPVCCcASZcmDGguDfEaQybnKn/9P6uRPOzRQ6+NeJoFHNHzipkEKHVJFg4uB/es:nCVWhcqGgC9bKVPTJnFHB2K13DHHsN

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	f6a6cc9999886666
VISUAL aHash	ffffe6fee4e4f8f0
VISUAL dHash	00104c100c4c3000
VISUAL wHash	fcf8e0f8f8e0e0c0
VISUAL colorHash	070060000c0
VISUAL cropResistant	00104c100c4c3000,c026292c242528c0

Análisis de Código

Risk Score 53/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Platform.co.uk
• Método: Suplantación de la página de inicio de sesión utilizando un dominio sospechoso y IPFS.
• Exfil: Correo electrónico y contraseña
• Indicadores: Javascript ofuscado, envío de formulario, URL sospechosa.
• Riesgo: ALTO

🔒 Obfuscation Detected

atob

📡 API Calls Detected

POST

📊 Desglose de Puntuación de Riesgo

Total Risk Score

90/100

Contributing Factors

Suspicious Domain

The domain is not a registered domain and uses IPFS for hosting.

Form Submission

The page includes a form requesting email and password.

Obfuscated Javascript

atob code detected, indicates malicious behavior and attempts to hide what is being done by the javascript.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Credential Harvesting Kit

Objetivo

Platform.co.uk users (UK)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltración

Form submission (backend endpoint not detected - likely JavaScript-based)

Evaluación de Riesgo

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester
3 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

Platform.co.uk

Official Website

platform.co.uk

Fake Service

Login Portal

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

This is a phishing site designed to steal login credentials. The attacker will likely use the stolen credentials to access the user's platform.co.uk account.

Secondary Method: Social Engineering

The attacker uses the visual layout of Platform.co.uk to trick the user to enter their credentials. This is because it is hosted on IPFS and can be accessed by anyone, so this makes it easier for the attacker to avoid detection by security tools. It also can spread by people sharing the IPFS link.