Extra Feeds & Services »

Home / Blogs

Phishers Backdooring Phishing Pages to Scam One Another

  • Aug 08, 2008 3:16 PM PDT
  • Comments: 0
  • Views: 1,759
Print Comment
By Dancho Danchev
Dancho Danchev

There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled "There is No Free Phish: An Analysis of "Free" and Live Phishing Kits”.

Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school cases where backdoored malware tools such as crypters and binders are offered for free, or a newly released RAT whose client is in fact infected with a third-party malware. Realizing and definitely not enjoying the fact that the lowered entry barriers into cybercrime are empowering yesterday's script kiddies with malware kits that used to be utilized by a set of people who invested time and money into the process several years ago, this unethical competitive practice is only going to get more common. Backdooring phishing pages is one thing, backdooring entire web malware exploitation kits, next to the possibility to remotely exploit a competitor's command and control server is entirely another:

"Taking a more strategic approach, a cybercriminal wanting to scam another cybercriminal would backdoor a highly expensive web malware exploitation kit, then start distributing it for free, and in fact, there have been numerous cases when such kits have been distributed in such a fraudulent manner. The result is a total outsourcing of the process of coming up with ways to infect hundreds of thousands of users though client side exploits embedded or SQL injected at legitimate sites, and basically collecting the final output - the stolen E-banking data and the botnet itself."

What's to come in the long term? Why just backdoor the phishing page, when you can embed it with a live exploit URL in an attempt to both, infect the cybercriminal about to use and obtain all of the already stolen virtual assets has already stolen, and also, have a third-party maintain a blended attack campaign without even knowing it.

Written by Dancho Danchev, Independent Security Consultant. Visit the blog maintained by Dancho Danchev here.

Related topics: Malware, Security

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

The Proxy Fight for Iranian Democracy

  • Jun 22, 2009
  • Comments: 2

No Honor Among Thieves on the Internet

  • Jun 18, 2009
  • Comments: 0

Why Not an Interim Step Until DNSSEC is Ready?

  • Jun 18, 2009
  • Comments: 19

ICANN 35: What's Going Down, Down Under (Want the Low Down?)

  • Jun 17, 2009
  • Comments: 0

Fight Phishing With Branding

  • Jun 04, 2009
  • Comments: 11
View More

Related News

US Teaming Up With Italy to Combat Cybercrime

  • Jun 30, 2009
  • Comments: 0

Trojans Fastest Growing Category of Data-Stealing Malware

  • Jun 30, 2009
  • Comments: 0

US Continues to Lead As Top Country Hosting Phishing Attacks

  • Jun 29, 2009
  • Comments: 0

Gary Warner: We Are Well Past Time to Declare a Spam Crisis in China

  • Jun 29, 2009
  • Comments: 4

SPECIAL: Updates from the ICANN Meetings in Sydney

  • Jun 26, 2009
  • Comments: 0
View More

Industry Updates – Sponsored Posts

Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands

NeuStar Addresses DNS Vulnerability with Cache Defender, a Secure DNS Authentication System

A Seemingly Overwhelming Number of Important Documents Released by ICANN

.ORG First Open Top-Level Domain to be Signed with DNSSEC

  • By PIR
  • Views: 868

DNSSEC Industry Coalition Symposium is Announced

  • By PIR
  • Views: 919

SPIL GAMES Chooses MarkMonitor for Global Domain Management

Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware

MarkMonitor AntiFraud Solutions, Combining Proven Antiphishing and Expert Antimalware Capabilities

DNSstuff.com Offers Trusteer Rapport Product to Help Users Boost Their Defenses Against Online Fraud

MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities

DNSSEC Industry Coalition Meets with Vint Cerf and Dan Kaminsky

  • By PIR
  • Views: 857

COCC Partners with MarkMonitor for Anti-Phishing Services

ICANN Mexico City Meeting Brings a Significant Shift in Direction for Brand Rights Holder Issues

MarkMonitor Year-in-Review Report Finds Online Abuse of Major Brands Was a Growth Industry for Fraud

DNSSEC FUD Buster: DNSSEC Slows the Internet?

  • By PIR
  • Views: 1,208

A United Front to Stop Cybercrime

  • By PIR
  • Views: 1,137

Committed to Keeping the Internet a Safe Place

  • By PIR
  • Views: 1,744

NeuStar's UltraDNS to Power NASDAQ Dubai

If I Have an SSL, Do I Need DNSSEC?

  • By PIR
  • Views: 2,305

Industry Coalition Announced to Increase Adoption of DNSSEC

  • By PIR
  • Views: 1,555
View More