Wednesday, February 25, 2009

Phishing Kit In-the-Wild for cloning of web site, version 2

A few days ago I said that is an asset package containing files phishing websites cloning well known and heavily used by the users ready to be exploited.

This package has expanded its "coverage" of fraud, offering a second package with a large quantity of fake websites that seek to be transparent to the user and obtain their information.

Phishing kit keeps the same strategy of spreading the pack earlier, ie, an index.html file that is a true copy of the actual page, login.php and a .txt, but not the proposals of cloning to steal data:

Adult Friend Finder
Amazon
Bebo
Break
DeviantArt
FlickR
FreeWebs
GeoCities
LiveJournal
Playstation Underground
PornoTube
SendSpace
SourceForge
Studivz
Tagged
Tripod - Lycos
Veoh
WWE
Xanga
XTube - Images R Broken


On the one hand, strategies that seek to raise money without major efforts are becoming more aggressive and more invasive, and on the other hand, most of these kits are available online for free or against payment, in this case, a sum of money not as high as with similar pack.

Phishing attacks are becoming more dangerous because its creators are seeking efficiency in the development of the copy to be as faithful as possible to the real. This represents a potential risk associated with the combination with intrusive techniques such as malware kit (ElFiesta, MPack, IcePack, etc..) that are implanted in servers ghosts or violated to disseminate phishing, is becoming increasingly dangerous for those unknown, even to those who know well, the functioning of these attack techniques.

Related Information
Phishing Kit In-the-Wild for cloning of web site


# Jorge Mieres

No comments: