Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

eth-phishing-detect

Package Overview
Dependencies
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

eth-phishing-detect - npm Package Compare versions

Comparing version 1.1.0 to 1.1.1

test/ealBlacklist.json
test/ealWhitelist.json

2

package.json
{
"name": "eth-phishing-detect",
"version": "1.1.0",
"version": "1.1.1",
"description": "Utility for detecting phishing domains targeting Ethereum users",

@@ -5,0 +5,0 @@ "main": "src/index.js",

20

src/config.json
{
"tolerance": 4,
"tolerance": 3,
"fuzzylist": [

@@ -20,3 +20,13 @@ "ethereum.org",

"ethnews.com",
"ethex.market"
"ethex.market",
"ethereumdev.io",
"ethereumdev.kr",
"dether.io",
"ethermine.org",
"slaask.com",
"etherbtc.io",
"ethereal.capital",
"etherisc.com",
"m.famalk.net",
"etherecho.com"
],

@@ -51,4 +61,9 @@ "blacklist": [

"myetherweb.com.de",
"myetherieumwallet.com",
"myethervallet.com",
"myetherwallet.com.cm",
"myetherwallet.com.co",
"myetherwallet.com.de",
"myetherwallet.com.gl",
"myetherwallet.com.im",
"myetherwallet.com.ua",

@@ -58,2 +73,3 @@ "xn--mytherwallet-fvb.com",

"xn--myetherwallt-leb.com",
"xn--myetherwallt-yeb.com",
"secure-myetherwallet.com",

@@ -60,0 +76,0 @@ "update-myetherwallet.com",

5

src/detector.js

@@ -25,3 +25,6 @@ const levenshtein = require('fast-levenshtein')

// check if near-match of whitelist domain, FAIL
const fuzzyForm = domainPartsToFuzzyForm(source)
let fuzzyForm = domainPartsToFuzzyForm(source)
// strip www
fuzzyForm = fuzzyForm.replace('www.', '')
// check against fuzzylist
const levenshteinMatched = this.fuzzylist.find((targetParts) => {

@@ -28,0 +31,0 @@ const fuzzyTarget = domainPartsToFuzzyForm(targetParts)

105

test/index.js

@@ -1,10 +0,12 @@

const test = require('tape')
const PhishingDetector = require('../src/detector')
const config = require('../src/config.json')
const alexaTopSites = require('./alexa.json')
const popularDapps = require('./dapps.json')
const test = require("tape")
const PhishingDetector = require("../src/detector")
const config = require("../src/config.json")
const alexaTopSites = require("./alexa.json")
const popularDapps = require("./dapps.json")
const ealWhitelist = require("./ealWhitelist.json")
const ealBlacklist = require("./ealBlacklist.json")
const detector = new PhishingDetector(config)
test('basic test', (t) => {
test("basic test", (t) => {

@@ -14,5 +16,5 @@ // blacklist

testBlacklist(t, [
'metamask.com',
'wallet-ethereum.net',
'etherclassicwallet.com',
"metamask.com",
"wallet-ethereum.net",
"etherclassicwallet.com",
])

@@ -23,12 +25,12 @@

testWhitelist(t, [
'ledgerwallet.com',
'metamask.io',
'etherscan.io',
'ethereum.org',
"ledgerwallet.com",
"metamask.io",
"etherscan.io",
"ethereum.org",
// whitelist subdomains
'www.metamask.io',
'faucet.metamask.io',
'zero.metamask.io',
'zero-faucet.metamask.io',
'www.myetherwallet.com',
"www.metamask.io",
"faucet.metamask.io",
"zero.metamask.io",
"zero-faucet.metamask.io",
"www.myetherwallet.com",
])

@@ -39,21 +41,26 @@

testFuzzylist(t, [
'metmask.io',
'myetherwallet.cx',
'myetherwallet.aaa',
'myetherwallet.za',
'myetherwallet.z',
"metmask.io",
"myetherwallet.cx",
"myetherwallet.aaa",
"myetherwallet.za",
"myetherwallet.z",
])
// not detected as phishing
// do NOT detected as phishing
testAnyType(t, false, [
'example.com',
'etherid.org',
'ether.cards',
'easyeth.com',
'etherdomain.com',
'ethnews.com',
'cryptocompare.com',
'kraken.com',
'myetherwallet.groovehq.com',
"example.com",
"etherid.org",
"ether.cards",
"easyeth.com",
"etherdomain.com",
"ethnews.com",
"cryptocompare.com",
"kraken.com",
"myetherwallet.groovehq.com",
"dether.io",
"ethermine.org",
"slaask.com",
"ethereumdev.io",
"ethereumdev.kr",
])

@@ -103,6 +110,6 @@

testNoMatch(t, [
'MetaMask',
'localhost',
'bancor',
'127.0.0.1',
"MetaMask",
"localhost",
"bancor",
"127.0.0.1",
])

@@ -113,3 +120,3 @@

test('alexa top sites', (t) => {
test("alexa top sites", (t) => {
testAnyType(t, false, alexaTopSites)

@@ -119,3 +126,3 @@ t.end()

test('popular dapps', (t) => {
test("popular dapps", (t) => {
testAnyType(t, false, popularDapps)

@@ -125,3 +132,13 @@ t.end()

test("eal whitelist", (t) => {
testAnyType(t, false, ealWhitelist)
t.end()
})
test("eal blacklist", (t) => {
testAnyType(t, true, ealBlacklist.filter((domain) => !domain.includes('/')))
t.end()
})
function testBlacklist(t, domains) {

@@ -131,3 +148,3 @@ domains.forEach((domain) => {

domain: domain,
type: 'blacklist',
type: "blacklist",
expected: true,

@@ -142,3 +159,3 @@ })

domain: domain,
type: 'whitelist',
type: "whitelist",
expected: false,

@@ -153,3 +170,3 @@ })

domain: domain,
type: 'fuzzy',
type: "fuzzy",
expected: true,

@@ -164,3 +181,3 @@ })

domain: domain,
type: 'all',
type: "all",
expected: false,

@@ -183,3 +200,3 @@ })

// log fuzzy match for debugging
if (value.type === 'fuzzy') {
if (value.type === "fuzzy") {
t.comment(`"${domain}" fuzzy matches against "${value.match}"`)

@@ -186,0 +203,0 @@ }

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc