Phishers Use Google Maps to Locate Hijacked PCs
Identity thieves have advanced their technical expertise to a new level. After spreading malware via spam mails they are using Google maps to locate the physical position of the compromised computers.
The earliest victims are account holders of two Australian banks. The victims have experienced a unique phishing attack in which the malicious code found the physical location of the hacked IP addresses with the help of Google maps. The phishers have also targeted account holders of banks in Germany and the U.S.
The malware drops a Trojan that behaves like a keylogger in the infected PC.
The scam having multiple versions circulated one version that spread false news that the Australian prime minister survived a heart attack. The spam mail installs a backdoor Trojan to record all user information and compromises a Web server, enabling the hacker to capture the victim's PC.
The backdoor code provides the hacker the exact number of infected computers across the world, while linking to a Google map to tell their physical locations. The attackers use the maps' server to transform each IP address into a real physical address.
According to security experts, the physical address acts as the principal part of information for the hacker because it allows him to carry out identity theft. By knowing the physical address it becomes lot easier for the hacker to access sensitive information like bank accounts.
Joel Camissar of Websense Australia and country manager of New Zealand believes Google maps could assist hackers to conduct identity theft. The hackers could match user information obtained from the keylogger with the knowledge of the user's location gathered from Google Maps. In this way they could access bank accounts and Social Security numbers. ComputerWorld published Camissar's statement on February 20, 2007.
In January 2007, The London Telegraph reported that terrorists used Google Maps' services to launch attacks on U.K. troops.
Security experts say it is possible to escape such situation so they advise e-mailers not to click on links in e-mails coming from strange senders. They should also avoid unexpected links even if they are from known people.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 03-03-2007