236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers
Summary
Infoblox researchers discovered over 236,000 websites utilizing DCloud Uni-App templates for various malicious activities. These sites are primarily used for cryptocurrency scams, phishing campaigns, and wallet drainer operations, often impersonating legitimate brands.
IFF Assessment
The proliferation of DCloud Uni-App templates for scams and phishing directly harms defenders by increasing the attack surface and the volume of deceptive content users must navigate.
Defender Context
This discovery highlights the significant misuse of legitimate development frameworks to create a large number of scam and phishing sites. Defenders should be aware that attackers are leveraging accessible tools to scale their operations, requiring increased vigilance in detecting and blocking these deceptive web applications.