search

MetaMask / eth-phishing-detect

Utility for detecting phishing domains targeting Web3 users
Other
1.09k stars 945 forks source link

https://metamate.io/ #3835

Closed montanaflynn closed 3 years ago

montanaflynn commented 4 years ago

It says this is a phishing site but I didn't see anything like that. I was wondering if it's because the domain name?

interfect commented 4 years ago

I ran into this too; it's on HackerNews and seems legit. It looks like there's a "metamate.cc" already on the whitelist; I think they just have to whitelist every single "metamate" that gets registered under a distinct TLD and turns out not to be malicious.

ppwfx commented 4 years ago

Hey,

thanks for opening this issue. I'm the maintainer of metamate.

@interfect you are referring to a whitelist. Could you tell me where I can find it please?

interfect commented 4 years ago

It looks like it's at https://github.com/MetaMask/eth-phishing-detect/blob/7cdaab229357b671ea8b3b0de568687300f629ba/src/config.json#L19

You should be able to make a PR to add the domain to that list in the JSON, but then one of the maintainers would have to sign off and merge it. I can't tell if they have a formal process for approving you as Not A Scam (TM) or if they just sort of decide if/when they get to it.

May 16, 2020 8:21 AM, "ppwfx" <notifications@github.com (mailto:notifications@github.com?to=%22ppwfx%22%20notifications@github.com)> wrote: Hey, 

thanks for opening this issue. I'm the maintainer of metamate. 

@interfect (https://github.com/interfect) you are referring to a whitelist. Could you tell me where I can find it please? 

—

You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub (https://github.com/MetaMask/eth-phishing-detect/issues/3835#issuecomment-629662545), or unsubscribe (https://github.com/notifications/unsubscribe-auth/AAFXTNW2OUTCAP6XGVGICDLRR2VOXANCNFSM4MXQ6CLQ).

ppwfx commented 4 years ago

Perfect cheers!

I guess the following is responsible for flagging metamate.io, as it's spelled exactly like metamask.io except for 2 letters

"tolerance": 2,
  "fuzzylist": [
    "metamask.io",
    "myetherwallet.com",
    "cryptokitties.co",
    "mycrypto.com",
    "localethereum.com",
    "localcryptos.com",
    "dfinity.org",
    "hederahashgraph.com",
    "auctus.org",
    "etherscan.io",
    "originprotocol.com",
    "makerdao.com",
    "makerfoundation.com"
  ],
kumavis commented 3 years ago

fixed in https://github.com/MetaMask/eth-phishing-detect/pull/3864