Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishers Using Multi-exploit Kits to Outsmart Users

According to Security Researchers at SecureWorks, an online security firm, phishers are targeting those online users who are fed up with phishing attacks and react by talking to them through computer. The cyber crooks are using exploits designed to take control of users' systems.

Researchers added that users who consciously give away their personal details to phishers are typically targeted with this follow-on malicious attack.

Joe Stewart, Director of malware Research, SecureWorks Inc., said that in this new form of attack, the Asprox botnet is being used by phishers to launch attack on users' log-in screen to understand what's going on their mind. In fact, the phishers use a multi-exploit strike kit to attack anyone who employs profanity in place of password and username, as reported by COMPUTERWORLD on August 26, 2008.

Moreover, the security analysts revealed that before launching the follow-on malicious attack, phishers check for three things. Firstly, if the user has filled the phishing form completely or not; secondly, if he used the word 'phish' in the form; thirdly, if the user used bad language in the form or not.

SecureWorks researchers further disclosed that in the second round of attacks, phishers use the latest version of a renowned multi-exploit kit called Neosploit.

Stewart said that users who have not patched flaws in popular browsers such as Flash and QuickTime or have not updated their Windows are most vulnerable to the attacks from the Neosploit attack kit.

After analyzing the surging phishing attacks, Stewart stated that more than one user could admonish at phishers in the log-in screens. Moreover, while locating the data hacked by phishers, SecureWorks found that it included uncomplimentary comments and substantial amount of profanity.

Meanwhile, as per reports, the Asprox botnet comprises of at least 50,000 hacked systems or more. This confirms from the fact that users get the opportunity of sending phishing e-mails unknowingly for botnet, and because Asprox is a Trojan. For instance - user might not know that the desktop wallpaper of his system has changed into a spyware alert message, if the Asprox Trojan starts running.

Related article: Phishers Expand Their Sphere of Attacks

ยป SPAMfighter News - 9/5/2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page