Hacker Enlists Other Unwitting Hackers in Scam

Skilled malware writers have found a way for less experienced cyber criminals to do their work for them. A new freeware phishing kit being offered in hacker forums offers cyber criminals a way to set up fake websites and spam emails to capture users’ legitimate login credentials.

However, the malware writers are able to siphon off a significant portion of entered login credentials, leaving only a few for the cyber criminals employing the phishing kit. This allows writers to capture the information without having to do the tedious work of setting up spam campaigns.

The kit appears to have been developed in Algeria and had Arabic-language tutorials but operates in English, according to Imperva, a database security company.

“Unlike previous phishing kits that have been available for years, this new approach lives in the cloud and relies on hackers exploiting other hackers,” according to a blog post by Imperva. “And with the new cloud-based approach the infrastructure for this phishing kit never goes away.  Why?  In traditional schemes when you take down a server you take down not only the web page but also the back end data collection capability. In this cloud version, data collection is hosted separately from the phishing web sites which means hackers only need to repost the web front end in a new location to be back in business.”

email
Filed in: Cyber Tags: , , ,

You might like:

Georgia Tech Unveils Cybersecurity Intelligence Gathering System Georgia Tech Unveils Cybersecurity Intelligence Gathering System
FireEye IDs Malware Evasion Tactics; Abhishek Singh Comments FireEye IDs Malware Evasion Tactics; Abhishek Singh Comments
Martin Sutherland of BAE: Cyber Espionage Malware ‘Organized, Well-Funded’ Martin Sutherland of BAE: Cyber Espionage Malware ‘Organized, Well-Funded’
FireEye’s Kenneth Geers: IT Officers Seek Clues as Cyber Attacks Proliferate FireEye’s Kenneth Geers: IT Officers Seek Clues as Cyber Attacks Proliferate

2 Responses to "Hacker Enlists Other Unwitting Hackers in Scam"

Leave a Reply

Submit Comment

© 2014 ExecutiveBiz. All rights reserved.