EtherAddressLookup v1.23 Now Available - No More Fake YouTube Live Scams!

The latest update now protects from known YouTube Live trust-trading scams.

Harry
Harry
Feb 21 · 4 min read

TL;DR: EtherAddressLookup v1.23 has launched and protects from known malicious YouTube livestreams that advertise trust-trading scams and bad publications on the telegra.ph domain (which have been becoming more and more common recently).

Back in 2017, just at the start of the “crypto bull run and ICO craze,” I published a browser extension that helped protect users from known phishing domains — the first browser extension that focused on protecting users, for free, from known cryptocurrency scams — and it got a lot of attention!

Since that time, we’ve seen how phishing kits evolved and techniques improved to try and get honest users to part with their cryptocurrency — and we’ve written about a lot of campaigns to help the community protect themselves.

To refresh your memory, here’s a brief, scattered timeline of campaigns that we’ve monitored, helped take down, and helped educate users about:

EtherAddressLookup was initially launched to tackle the influx of phishing domains in near-real-time without relying on third-party services, such as GoogleSafeBrowsing or PhishTank, to take time to verify and categorise bad domains. EAL allowed maintainers (people that the community trusted) to act fast and quickly push a malicious domain to the EAL blacklist to prevent a user running the browser extension (at the peak this was 120,000 cryptocurrency users) and interacting with the known bad domain — and it was effective!

EtherAddressLookup is different from other browser extensions that do similar jobs at protecting users. Instead of hitting a third-party server for every domain you browse, we store all the blacklists and whitelists locally (via LocalStorage on the extension). We don’t care for your browsing history or to fingerprint you in any way — only to protect you from known bad domains. You can read more on the published privacy policy. We also keep dependencies to a minimum so you don’t have to worry about another event-stream incident, and we are 100% open source (even our latest version is auditable) so you can audit the code as well as manually load the version you want.

The new update

With this new update, EtherAddressLookup will still be able to prevent you from interacting with bad domains, but also bad paths — this means we can now protect you from known malicious YouTube livestreams that advertise trust-trading scams and bad publications on the telegra.ph domain (which have been becoming more and more common recently). You can see our blacklist here.

If you already have EtherAddressLookup installed, you don’t need to do anything*.

If you want to install EtherAddressLookup, please see the product page to get instructions on how to install it from the Google Chrome store and how to install it manually.

(* if you have installed it manually, then download the latest tag and reload the extension. If you installed it from the Google Chrome Store, you should have it automatically updated — make sure you’re running v1.23)

Just like our other blacklists, we will be keeping this list up-to-date with anything that we find that has malicious intent to separate you and your cryptocurrency.

In this update, we have also added a helpful tip to the warning view to remind you on how to stay safe against one of the most common scams.

We don’t just stop at blacklisting! We also have a couple of bots running in the background and communication lines with select companies on our data feeds so we can get a better idea on:

  • Where stolen funds are routed
  • The infrastructure running the scams
  • Fingerprinting phishing and scam kits
  • How the kits work, so we can help educate the community

Awesome, I want to contribute!

If you find a live stream or an article that is malicious, then please open a PR to blacklists/uris.json file (or report via CryptoScamDB), and once merged, everyone should be prevented from seeing the malicious content within ~10 minutes (as caches refresh).

We also run everything via urlscan.io and then have bots to backup data to an S3 bucket so we can do some analysis later — big shoutout to URLScan for having such a great service! We also run a passive hunter (punter) on infrastructure found in blacklists/domains.json to build our infrastructure map to find more domains.

If you’d wish to contribute to the antiphishing work, we have a tip jar that supports ETH & ERC20 donations at 0x661b5dc032bedb210f225df4b1aa2bdd669b38bc.

Thank you for the support!

Talk To Us & Share Your Thoughts

MyCrypto

The Official MyCrypto Blog

Harry

Written by

Harry

MyCrypto

MyCrypto

The Official MyCrypto Blog

More From Medium

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade