Kit Offered for Simplified Deployment of Phishing Sites
A group of fraudsters that identifies itself as Mr-Brain put up a website offering phishing software that is easy to use, according to Paul Mutton, Security Researcher at Netcraft. InformationWeek published this on January 23, 2008.
The group had also launched several phishing attacks previously, and the majority of the e-mail IDs found to be involved correspond to Google mail.
In the new case, the group's apparent intention is to simplify the process of deploying a phishing site: a site that appears legitimate but includes concealed code written to steal users' personal information, such as online banking login details.
Through its scam, Mr-Brain presents a phishing kit that helps to deploy such sites in as little as a minute. The kit includes templates designed to attack eBay, PayPal, Bank of America and HSBC, the common targets for phishing.
While it might appear that the scheme targets phishers new to the business, deeper examination of the configuration script for the website shows that deceptive code hides the actual set of e-mail addresses that the kit contacts. So every user of the kit unknowingly passes the stored details of the victim back to Mr-Brain.
The group exploits the case sensitivity of PHP variable names to hide the actual behavior of the toolkit's configuration script, and one script is encrypted. For anyone who might try to decrypt it, Mr-Brain has labeled the file with "Don't need to change anything here".
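For anyone reviewing a captured kit, the case-variant trick described above can be checked for mechanically. The following Python script is an added example, not code from Netcraft or from the kit; the sample input, the placeholder address and the 40-character threshold for an encoded-looking literal are assumptions.

```python
import re
from collections import defaultdict

VAR_RE = re.compile(r"\$([A-Za-z_][A-Za-z0-9_]*)")
# Assumption: an encoded script shows up as a long base64-looking string literal.
BLOB_RE = re.compile("""["'][A-Za-z0-9+/=]{40,}["']""")

def case_collisions(php_source):
    """Map lowercased name -> {spelling: [line numbers]} for variables that
    occur with more than one casing (PHP treats each casing as distinct)."""
    seen = defaultdict(lambda: defaultdict(list))
    for lineno, line in enumerate(php_source.splitlines(), 1):
        for name in VAR_RE.findall(line):
            seen[name.lower()][name].append(lineno)
    return {low: dict(forms) for low, forms in seen.items() if len(forms) > 1}

def opaque_literals(php_source):
    """Line numbers that hold a long encoded-looking string literal."""
    return [n for n, line in enumerate(php_source.splitlines(), 1)
            if BLOB_RE.search(line)]

# Constructed sample input (not taken from the kit); the address is a placeholder.
SAMPLE = "\n".join([
    "<?php",
    "// Don't need to change anything here",
    '$cfg = "' + "QUJD" * 12 + '";',
    '$send = "kit-user@example.com";',   # the value a kit user would edit
    "$to = $Send;",                      # different variable: capital S
    "?>",
])

def report(php_source):
    """Human-readable findings for one PHP file."""
    lines = []
    for low, forms in sorted(case_collisions(php_source).items()):
        spellings = ", ".join(f"${s} (lines {ls})" for s, ls in sorted(forms.items()))
        lines.append(f"case-variant variables: {spellings}")
    for n in opaque_literals(php_source):
        lines.append(f"line {n}: long encoded-looking literal")
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

A hit is a prompt for manual review, not proof of a backdoor: legitimate PHP code occasionally reuses a name with different casing.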
A novice hacker might be at risk of snapping up this kit. Most phishers using the kit might not notice the presence of a backdoor, because they assume it works properly. It could be hard to tell how many of the freely available phishing kits associated with the current scam are active on the web. But Netcraft found one this month (January 2008) that targeted the Bank of America.
Besides, the Anti-Phishing Working Group reported 34,266 unique phishing sites in October 2007, up by 6,200 from the number during September 2007. In October 2007, about 92.5% of attacks by phishers were aimed at financial service institutions.
» SPAMfighter News - 04-02-2008