Hello StackBlitz / Bolt.new Security Team,
We are writing on behalf of our clients Kraken and Coinbase regarding a large-scale abuse campaign currently hosted on your platform.
Our team has identified more than 3,000 StackBlitz-hosted pages impersonating these brands and promoting fraudulent tech support phone numbers targeting cryptocurrency users. These pages are designed to deceive users into contacting fake support representatives and may lead to financial fraud, credential theft, or unauthorized account access.
We are currently sharing a CSV file containing the identified malicious URLs along with direct examples for validation purposes.
Example URLs:
https://stackblitz.com/@ushelpfaqsandsupport/collections/what-will-happen-if-my-kraken-account-is-restricted-can-i-be-able-to-restore-it
https://stackblitz.com/@ushelpfaqsandsupport/collections/where-can-i-find-my-kraken-wallet-quick-access-paa
https://stackblitz.com/@ushelpfaqsandsupport/collections/why-can-t-i-get-my-money-out-from-kraken-in-normal-conditions
These pages misuse our clients’ trademarks, brand names, and support-related terminology to mislead users into contacting fraudulent support operators.
We appreciate your earlier acknowledgment and escalation of the matter internally. Given the scale and recurring nature of this abuse, we would like to request a more streamlined and standardized reporting process for future escalations.
Specifically, we would appreciate clarification on the following:
Is there a dedicated abuse/security intake process for large-scale phishing and impersonation campaigns?
Does StackBlitz/Bolt.new offer a Trusted Reporter or Trusted Flagger program for verified Trust & Safety and brand protection partners?
Is there a preferred submission format (CSV, bulk upload, API endpoint, etc.) for reporting large batches of malicious URLs?
Can repeat-abuse accounts or collections be proactively actioned to prevent re-uploading of similar scam content?
We are happy to coordinate directly with your Trust & Safety or Security team and provide structured reports, screenshots, metadata, and additional indicators to assist with rapid remediation.
Regards,
Kishore Kadali
Authorized Agent / Trust & Safety Analyst
ChainPatrol
kishore@chainpatrol.io
Stackblitz Fraud tech support pages - Sheet1.csv
Hello StackBlitz / Bolt.new Security Team,
We are writing on behalf of our clients Kraken and Coinbase regarding a large-scale abuse campaign currently hosted on your platform.
Our team has identified more than 3,000 StackBlitz-hosted pages impersonating these brands and promoting fraudulent tech support phone numbers targeting cryptocurrency users. These pages are designed to deceive users into contacting fake support representatives and may lead to financial fraud, credential theft, or unauthorized account access.
We are currently sharing a CSV file containing the identified malicious URLs along with direct examples for validation purposes.
Example URLs:
https://stackblitz.com/@ushelpfaqsandsupport/collections/what-will-happen-if-my-kraken-account-is-restricted-can-i-be-able-to-restore-it
https://stackblitz.com/@ushelpfaqsandsupport/collections/where-can-i-find-my-kraken-wallet-quick-access-paa
https://stackblitz.com/@ushelpfaqsandsupport/collections/why-can-t-i-get-my-money-out-from-kraken-in-normal-conditions
These pages misuse our clients’ trademarks, brand names, and support-related terminology to mislead users into contacting fraudulent support operators.
We appreciate your earlier acknowledgment and escalation of the matter internally. Given the scale and recurring nature of this abuse, we would like to request a more streamlined and standardized reporting process for future escalations.
Specifically, we would appreciate clarification on the following:
Is there a dedicated abuse/security intake process for large-scale phishing and impersonation campaigns?
Does StackBlitz/Bolt.new offer a Trusted Reporter or Trusted Flagger program for verified Trust & Safety and brand protection partners?
Is there a preferred submission format (CSV, bulk upload, API endpoint, etc.) for reporting large batches of malicious URLs?
Can repeat-abuse accounts or collections be proactively actioned to prevent re-uploading of similar scam content?
We are happy to coordinate directly with your Trust & Safety or Security team and provide structured reports, screenshots, metadata, and additional indicators to assist with rapid remediation.
Regards,
Kishore Kadali
Authorized Agent / Trust & Safety Analyst
ChainPatrol
kishore@chainpatrol.io
Stackblitz Fraud tech support pages - Sheet1.csv