Next generation Phishing Kit Discovered

Researchers at security firm "Imperva" have recently detected a next-generation phishing kit.

As per Imperva, the "freeware" phishing kit has been posted on the hacker forum and is used to build up fake websites like a PayPal or webmail supplier. Then, spam emails (posing as security tests) are distributed to deceive naïve netizens to provide their login details.

The proxy hackers will get a success possibly by stealing a huge amount of data before the removal of their fake websites. The backdoor functionality in the phishing toolkit signifies that the maximum amount of the stolen data is shifted back to the real writers of the hacking tool, and not to the substitute (proxy) hackers who employ it.

Due to this new technique, the real authors of the phishing kit manage to gather a large number of web and payment service data without fooling around with spam operations by distributing the research work to their innocent subordinates.

It is also disclosed by Imperva that the latest phishing kit is created in Algeria with Arabic instructions, whereas the actual kit is written in English. As per Imperva, unlike the old phishing kits (which have been used for years), this new technique lives in the cloud and depends on hackers abusing other hackers.

Commenting on the methods used by the hackers in the latest phishing kit, Amichai Shulman, Chief Technology Officer, Imperva, said that to a certain extent, this is malware-as-a-service. The attacks reveals how the hackers are abusing the widely used technologies - in this context the cloud, according to the report publsihed by itpro on July 23, 2010.

Shulman also added that these attacks were certainly depicting a switch from the usual models seen till now in the phishing techniques.

It should be noted that one of the Chief kit writer alleged that the phishing kit had been downloaded as many as 200,000 times, which could be an overstatement, as per Shulman.

Finally, it emerges that hackers are becoming innovative in their phishing attacks. Cyber criminals have developed copies of the Verified by MasterCard and Visa SecureCode protection characters to cheat online customers.

Related article: Next to Bangalore, Chennai Experiences Maximum Financial Loss Due to Phishing

» SPAMfighter News - 8/5/2010