
Bad Karma: Typosquatters Set Up Fake 'Reddit.co' To Steal User Credentials

Jeff Edwards| February 08 2018



Aggregator and social network Reddit.com is one of the most popular websites on the internet. In fact, the site touts itself as the “front page of the internet.” But that level of popularity has made it a target for fraudsters, and now Reddit users, especially those with clumsy fingers, might be at risk.

Why? Because of a simple typo. Typing ‘www.reddit.co’ instead of ‘www.reddit.com’ could land you on a phishing website built to mimic the real Reddit in every way. Note the missing ‘m.’ Dot co (.co) is the country code top-level domain (ccTLD) for Colombia, and it’s also a very easy mistake to make when entering a URL.

Reddit.co has been registered for nearly a decade, since 2010, and in that time it has been used for a variety of standard typosquatter purposes such as porn cams and Flash-based online games. However, when security researcher Alec Muffett accidentally visited the site recently, he discovered that it was now operating as an exact clone of the legitimate Reddit.

In all likelihood, this clone is being used as a man-in-the-middle attack to pull credentials from unwitting users who attempt to log in to their account on the phony site.

After discovering the phony site, Muffett reported it to Google’s Safe Browsing division, which flagged the site as malicious 24 hours later.

What is Typosquatting?

Typosquatting is a form of URL-squatting in which a bad actor registers a domain that is very similar to a popular existing site and relies on user error (typos while entering a website address) to attract traffic. Typically, these sites are registered in the hope of selling the domain back to the brand owner, but they have occasionally popped up as phishing schemes, as is the case here.
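The defensive counterpart to the trick described above is to know, ahead of time, which one-keystroke slips of your brand domain exist, and to watch for them in your own proxy or DNS logs. The following is an added example (not code from the article or from any of the parties it mentions): it enumerates dropped-character, swapped-character and doubled-character variants of a watched domain, then flags observed hostnames that match one of them. The log format and the hostnames in `SAMPLE_LOG` are constructed for the example.

```python
"""Lookalike-domain checker for proxy/DNS logs (added example, not from the article)."""
from __future__ import annotations
import re

HOSTNAME_RE = re.compile(r"[a-z0-9-]+(\.[a-z0-9-]+)+")
HOST_FIELD_RE = re.compile(r"host=([A-Za-z0-9.-]+)")


def typo_variants(domain: str) -> set[str]:
    """One-keystroke slips of `domain`: a dropped character (which is how
    'reddit.com' becomes 'reddit.co'), two adjacent characters swapped, or one
    character typed twice. Forms that are not valid hostnames and the
    original domain itself are excluded."""
    d = domain.lower()
    variants: set[str] = set()
    for i in range(len(d)):
        variants.add(d[:i] + d[i + 1:])                       # omission
        variants.add(d[:i] + d[i] + d[i:])                    # doubled key
        if i + 1 < len(d):
            variants.add(d[:i] + d[i + 1] + d[i] + d[i + 2:])  # transposition
    valid = {v for v in variants if HOSTNAME_RE.fullmatch(v)}
    valid.discard(d)
    return valid


def flag_lookalikes(log_lines: list[str], watched: list[str]) -> list[tuple[str, str]]:
    """Return (observed_host, watched_domain) pairs for every log line whose host
    is a typo variant of a watched domain, or a subdomain of such a variant
    (so 'www.reddit.co' is reported as a lookalike of 'reddit.com')."""
    lookup = {v: w for w in watched for v in typo_variants(w)}
    hits = []
    for line in log_lines:
        m = HOST_FIELD_RE.search(line)
        if not m:
            continue
        host = m.group(1).lower().rstrip(".")
        labels = host.split(".")
        # Check the host and each parent down to the registrable name.
        for i in range(len(labels) - 1):
            candidate = ".".join(labels[i:])
            if candidate in lookup:
                hits.append((host, lookup[candidate]))
                break
    return hits


SAMPLE_LOG = [  # constructed sample proxy log lines, not real traffic
    "2018-02-08T10:01:02Z src=10.0.0.12 host=www.reddit.com path=/ status=200",
    "2018-02-08T10:01:40Z src=10.0.0.12 host=www.reddit.co path=/login status=200",
    "2018-02-08T10:02:15Z src=10.0.0.31 host=redit.com path=/ status=301",
    "2018-02-08T10:03:00Z src=10.0.0.44 host=example.org path=/ status=200",
]

if __name__ == "__main__":
    for host, brand in flag_lookalikes(SAMPLE_LOG, ["reddit.com"]):
        print(f"lookalike of {brand}: {host}")
```

The same variant list can be fed to a resolver or WHOIS lookup to learn which of these names are already registered by someone other than the brand owner.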

In the timeline of hacking tools and exploits, typosquatting qualifies as ancient—those of you who came of age in the early 2000s may remember a certain NSFW typosquatting site related to the White House.

But this incident goes to show that sometimes the old tricks can be just as effective as new ones—at least until a security researcher stumbles across your domain.

(h/t Naked Security)





Jeff Edwards is a tech writer and analyst with three years of experience covering Information Security and IT. Jeff has written on all things cybersecurity, from APTs to zero-days, and previously worked as a reporter covering Boston City Hall.
