Extra Feeds & Services »

Home / Blogs

Phishers Backdooring Phishing Pages to Scam One Another

  • Aug 08, 2008 3:16 PM PDT
  • Comments: 0
  • Views: 2,415
Print Comment
By Dancho Danchev
Dancho Danchev

There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled "There is No Free Phish: An Analysis of "Free" and Live Phishing Kits”.

Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school cases where backdoored malware tools such as crypters and binders are offered for free, or a newly released RAT whose client is in fact infected with a third-party malware. Realizing and definitely not enjoying the fact that the lowered entry barriers into cybercrime are empowering yesterday's script kiddies with malware kits that used to be utilized by a set of people who invested time and money into the process several years ago, this unethical competitive practice is only going to get more common. Backdooring phishing pages is one thing, backdooring entire web malware exploitation kits, next to the possibility to remotely exploit a competitor's command and control server is entirely another:

"Taking a more strategic approach, a cybercriminal wanting to scam another cybercriminal would backdoor a highly expensive web malware exploitation kit, then start distributing it for free, and in fact, there have been numerous cases when such kits have been distributed in such a fraudulent manner. The result is a total outsourcing of the process of coming up with ways to infect hundreds of thousands of users though client side exploits embedded or SQL injected at legitimate sites, and basically collecting the final output - the stolen E-banking data and the botnet itself."

What's to come in the long term? Why just backdoor the phishing page, when you can embed it with a live exploit URL in an attempt to both, infect the cybercriminal about to use and obtain all of the already stolen virtual assets has already stolen, and also, have a third-party maintain a blended attack campaign without even knowing it.

By Dancho Danchev, Independent Security Consultant. Visit the blog maintained by Dancho Danchev here.

Related topics: Malware, Security

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

Perspectives on a DNS-CERT

  • Mar 16, 2010
  • Comments: 0

Another One (Partially) Bites the Dust

  • Mar 12, 2010
  • Comments: 0

Authorities Take Down the Mariposa Botnet

  • Mar 05, 2010
  • Comments: 0

Closing in on the Google Hackers

  • Feb 25, 2010
  • Comments: 2

OpenDNS Adopts Proposed DNS Security Solution: DNSCurve

  • Feb 23, 2010
  • Comments: 6
View More

Related News

Memory Cards of 3,000 Vodafone Mobiles Infected With Malware

  • Mar 19, 2010
  • Comments: 0

German High Court Says No to Retaining Telecom, Email Data for Tracking Criminal Networks

  • Mar 02, 2010
  • Comments: 0

Comcast Announces Aggressive Plan to Deploy DNSSEC, Launches First Public Trial

  • Feb 23, 2010
  • Comments: 0

How IT and Internet Saved Lives in Haiti

  • Feb 17, 2010
  • Comments: 0

Google Dumps Illicit Pharmacy Advertisements

  • Feb 10, 2010
  • Comments: 0
View More

Other Topics

Access Providers Broadband Censorship Cloud Computing Cyberattack Cybercrime Cybersquatting Data Center DNS DNSSEC Domain Names Domain Registries Email Enum ICANN Internet Governance Internet Protocol IP Addressing IPTV IPv6 Law Malware Mobile Multilinguism Net Neutrality P2P Policy & Regulation Privacy Regional Registries Security Spam Telecom Top-Level Domains VoIP Web White Space Whois Wireless
View More



Industry Updates – Sponsored Posts

MarkMonitor Year in Review Report: How Escalating Online Brand Abuse is Used to Monetize Web Traffic

.ORG to Fully Deploy DNSSEC in June

  • By PIR
  • Views: 490

The GLOBE Program Chooses Dyn Inc.'s Dynect Platform to Deploy DNSSEC per Federal OMB Mandate

MarkMonitor Sets New Standard in Brand Protection with Site Staydown Service

ICANN and Cybersecurity: Hot Topics at The First Ever .ORG Forum

  • By PIR
  • Views: 1,776

Neustar Implements DNS Security Extensions in the .US Registry

Neustar Launches Initiative to Enhance DNS With Faster, More Secure Updates

Registry Stakeholder Group Comments on Latest ICANN Policies

  • By PIR
  • Views: 2,019

Open Phishing Season

Nominum Announces "DNSSEC Made Easy" Solutions

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 2,292

Afilias' Matt Pounsett Elected Director-at-Large for DNS-OARC

SPECIAL: Updates from the ICANN Meetings in Seoul

SEO Poisoning: A Persistent Malware Threat Targeting High-Profile Brands

Nominum CEO: Commercial vs. Open Source - Let Customers Choose

Pharmaceutical Brandjacking for Popular Drug Brands on the Rise

Nominum Broadens Intelligent DNS Impact With SKYE Cloud Services

Afilias Managed DNS Services Adds SiteCertain to Keep Watch on Your Web Site

DNSstuff.com Launches Industry's First Mail Server Test Center

Growing Global Adoption of Nominum's Intelligent DNS Spells Obsolescence for Legacy DNS Systems

View More