‘Avalanche’ Conducted Two-Thirds of Phishing Attacks in H2 2009
Anti-Phishing Working Group (APWG) reveals in its latest report semi-annual report that a single group of cybercriminals in Eastern Europe was responsible for making two-thirds of all the phishing attempts carried out in the second half of 2009. APWG is an association of law enforcement agencies and companies that tracks phishing activities.
This phishing gang, termed Avalanche by security researchers considering the huge amount of attacks generated by it, conducted 84,250 from a total of 126,597 phishing attacks, as per the news published by scmagazineus.com on May 12, 2010.
APWG has highlighted that Avalanche has made use of latest automated tools to launch phishing assaults fast, setting up fraudulent websites and then sending potential victims spam e-mails to trick them into revealing their usernames and passwords. Avalanche is not only confined to phishing, but has also been accountable for delivering e-mails including links directing to data-stealing Trojan Zeus.
Greg Aaron, Director of domain security at Internet infrastructure vendor Afilias and one of the authors of the APWG report, noted that the criminal group has been responsible for attacking nearly 40 institutions, which include major banks located in the US and UK as well as online providers like Google and Yahoo, reported computerworld.com on May 12, 2010.
APWG, in fact, looks Avalanche as the descendant of the criminal operation "Rock Phish", whose nasty activities had been observed during 2006-2008. The report highlighted that the Rock was the first one to introduce significant automation and scale to phishing, as per the news published by darkreading.com on May 12, 2010. The Rock regularly registered domain names and that too in large numbers. It also used fast-flux hosting to power its phishing websites as well as to extend their uptimes. The Rock normally placed around six phishing assaults on every domain.
The impact of Avalanche, which escalated in the latter half of 2009, has declined considerably in 2010. As per the report's findings, as of March 2010, Avalanche was placing merely one phishing attack on every domain registered by it, with the attacks dropping to only 59 in April 2010.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 24-05-2010