Phishing Analysis: Platform.co.uk

Captura Visual

Screenshot of bafkreietmq2owe4mmr4olp44ogax3zu5zxvomkq5cawnxu5vivaa7tzabq.ipfs.dweb.link

Informações de Detecção

https://bafkreietmq2owe4mmr4olp44ogax3zu5zxvomkq5cawnxu5vivaa7tzabq.ipfs.dweb.link/?V2J7Q8KXN=XJ2K5N9PVLYnJpZGdldC5maXR6Z2VyYWxkQHBsYXRmb3JtLmNvLnVrBV9X2J7PKL

Detected Brand

Platform.co.uk

Country

UK

Confidence

95%

HTTP Status

200

Report ID

1df9456d-926…

Analyzed

2026-02-27 06:24

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T123413230A028A8631292C6D877E12B1B35D6C30ACF526B0563FC939967FAD09ED29498
CONTENT ssdeep	24:niPVCCcASZcmDGguDfEaQybnKn/9P6uRPOzRQ6+NeJoFHNHzipkEKHVJFg4uB/es:nCVWhcqGgC9bKVPTJnFHB2K13DHHsN

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	f6a6cc9999886666
VISUAL aHash	ffffe6fee4e4f8f0
VISUAL dHash	00104c100c4c3000
VISUAL wHash	fcf8e0f8f8e0e0c0
VISUAL colorHash	070060000c0
VISUAL cropResistant	00104c100c4c3000,c026292c242528c0

Análise de Código

Risk Score 53/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários do Platform.co.uk
• Método: Imitação da página de login usando um domínio suspeito e IPFS.
• Exfil: Email e Senha
• Indicadores: Javascript ofuscado, envio de formulário, URL suspeita.
• Risco: ALTO

🔒 Obfuscation Detected

atob

📡 API Calls Detected

POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score

90/100

Contributing Factors

Suspicious Domain

The domain is not a registered domain and uses IPFS for hosting.

Form Submission

The page includes a form requesting email and password.

Obfuscated Javascript

atob code detected, indicates malicious behavior and attempts to hide what is being done by the javascript.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Credential Harvesting Kit

Alvo

Platform.co.uk users (UK)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltração

Form submission (backend endpoint not detected - likely JavaScript-based)

Avaliação de Risco

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester
3 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

Platform.co.uk

Official Website

platform.co.uk

Fake Service

Login Portal

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

This is a phishing site designed to steal login credentials. The attacker will likely use the stolen credentials to access the user's platform.co.uk account.

Secondary Method: Social Engineering

The attacker uses the visual layout of Platform.co.uk to trick the user to enter their credentials. This is because it is hosted on IPFS and can be accessed by anyone, so this makes it easier for the attacker to avoid detection by security tools. It also can spread by people sharing the IPFS link.