Home / Blogs

Phishers Backdooring Phishing Pages to Scam One Another

  • Aug 08, 2008 3:16 PM PST
  • Comments: 0
  • Views: 3,779
Print Comment
By Dancho Danchev
Dancho Danchev

There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled "There is No Free Phish: An Analysis of "Free" and Live Phishing Kits”.

Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school cases where backdoored malware tools such as crypters and binders are offered for free, or a newly released RAT whose client is in fact infected with a third-party malware. Realizing and definitely not enjoying the fact that the lowered entry barriers into cybercrime are empowering yesterday's script kiddies with malware kits that used to be utilized by a set of people who invested time and money into the process several years ago, this unethical competitive practice is only going to get more common. Backdooring phishing pages is one thing, backdooring entire web malware exploitation kits, next to the possibility to remotely exploit a competitor's command and control server is entirely another:

"Taking a more strategic approach, a cybercriminal wanting to scam another cybercriminal would backdoor a highly expensive web malware exploitation kit, then start distributing it for free, and in fact, there have been numerous cases when such kits have been distributed in such a fraudulent manner. The result is a total outsourcing of the process of coming up with ways to infect hundreds of thousands of users though client side exploits embedded or SQL injected at legitimate sites, and basically collecting the final output - the stolen E-banking data and the botnet itself."

What's to come in the long term? Why just backdoor the phishing page, when you can embed it with a live exploit URL in an attempt to both, infect the cybercriminal about to use and obtain all of the already stolen virtual assets has already stolen, and also, have a third-party maintain a blended attack campaign without even knowing it.

By Dancho Danchev, Independent Security Consultant. Visit the blog maintained by Dancho Danchev here.

Related topics: Malware, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

Phish or Fair?

  • Feb 07, 2012
  • Comments: 4

The FBI and Scotland Yard vs. Anonymous: Security Lessons

  • Feb 06, 2012
  • Comments: 0

World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago

  • Feb 02, 2012
  • Comments: 2

Privacy Rules to Change in the EU, But What If …?

  • Jan 24, 2012
  • Comments: 0

Understanding and Detecting Mobile Malware Threats

  • Jan 16, 2012
  • Comments: 0
View More

Related News

DNSChanger Trojan Still Running on Half of Fortune 500s, US Govt

  • Feb 02, 2012
  • Comments: 0

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

  • Jan 31, 2012
  • Comments: 0

DDoS Attacks Increased by 2000% in Past 3 Years, Asia Generating Over Half of Recent Attacks

  • Jan 31, 2012
  • Comments: 0

NASA Website Blocked Due to DNSSEC Error

  • Jan 25, 2012
  • Comments: 0

Comcast Announces Completion of DNSSEC Deployment

  • Jan 10, 2012
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNSSECRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

MarkMonitor to Exhibit at Internet Tech Policy Exhibition and Reception to be Held on Capitol Hill

Verisign to Award New Infrastructure Research Grants

Nixu SNS 2.5 Series Gives Fresh Views on DNS

Neustar Names Joe Pasqua to Head Neustar Labs

Q3 2011 Fraud Intelligence Report

The Spookiest DDoS Attacks in History

Protecting Your Business from DDoS Attacks: Advice from Neustar

A Different Kettle of Phish

Introduction to Nixu Software: End-to-End Software-Based DNS, DHCP, IPAM Solutions for Your Network

MarkMonitor Fraud Intelligence Report Released for Q2 2011

President Obama Names Neustar President and CEO Lisa Hook to NSTAC

Verisign's Matt Larson Wins 2011 InfoWorld Technology Leadership Award

Internet Adds 4.5 Million Domain Names in First Quarter of 2011

Businesses Lack Safeguards Against DDoS Attacks and DNS Failures, New Research Shows

Q1 2011 Fraud Intelligence Report

Neustar Launches SiteProtect for DDoS Protection

The Botnet-Counterfeit Drugs Connection

Verisign Enhances Its Managed DNS Service With Full Support for DNSSEC Compliance and Geo Location

Verisign Achieves Critical DNSSEC Milestone by Deploying Security Extensions in .com TLD

New Verisign Uptime Bundle Combines DDoS Protection, Managed DNS and Threat Intelligence Services

View More

Hot Topics

Neustar UltraDNS

DNS

Sponsored by
Neustar UltraDNS
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Verisign

Security

Sponsored by
Verisign
Afilias

DNSSEC

Sponsored by
Afilias
dotMobi

Mobile

Sponsored by
dotMobi
View More