List of malicious domains targeting Web3 users.
For checking why a given domain was blocked, there is a third-party search tool maintained by ChainPatrol.
We are constantly evolving the ideal policy that guides this list, but a few clearly defined rules have emerged. We will be quick and decisive to block websites that:
- Impersonate other known and established sites.
- Use their interfaces to collect user signing keys (especially cryptocurrency keys) and send them back to home servers.
There are other grounds for blocking, and we will ultimately do our best to keep our users safe.
UPDATE: The phishing detector has been moved here.
To keep a tidy file, use the CLI or library functions to modify the list.
yarn add:blocklist crypto-phishing-site.tld
yarn add:allowlist legitimate-site.tldaddDomains(config, 'blocklist', ['crypto-phishing-site.tld']);
addDomains(config, 'allowlist', ['legitimate-site.tld']);yarn remove:blocklist legitimate-site.tld
yarn remove:allowlist malicious-site.tldremoveDomains(config, 'blocklist', ['legitimate-site.tld']);
removeDomains(config, 'allowlist', ['crypto-phishing-site.tld']);We maintain a list of domains pulled from various sources in test/resources. Each file is plaintext with one host per domain. These domains are used to reduce the risk of false positives. If you need to block a domain that is featured on one of these lists, you'll need to add a bypass to test/test-lists.ts.
To update the lists, run yarn update:lists. Note that you'll need a CoinMarketCap Pro API key.
