PandaLabs discovers free kits used by cyber-crooks to launch phishing attacks

5/7/2008. This type of crime, which accounted for millions of dollars in losses last year, could increase yet further thanks to these tools
Apart from bank addresses and pages, these kits can be used for online fraud using Gmail, Fotolog and Xbox mails and websites as bait

PandaLabs, the malware detection and analysis laboratory at Panda Security, has discovered several free phishing kits on the Internet which allow cyber-crooks to send out fraudulent emails. These tools allow cyber-crooks to spoof bank pages and emails, online pay platforms, Gmail and Yahoo!Mail mail accounts, online games (Xbox password theft) and blogs (Fotolog access credentials).

“The really amazing thing is, these kits are free”, explains Luis Corrons, Technical Director of PandaLabs. “Due to the simplicity of the tools, the number of phishing attacks increases, causing companies and consumers large losses. According to a study conducted by Gartner, phishing attacks caused U.S. consumers losses for US$3.2 billion in 2007*”.

These kits operate as follows: upon accessing a URL that contains the kits, users obtain the files to create a fraudulent mail; one file allows them to spoof mails of banks, pay platforms etc., and the other allows them to create a fraudulent page that resembles the original. Additionally, the kit includes a PHP program, which is also free, to send emails from the spoofed page.

The rest of the process is similar to other phishing cases: the false email is sent to several mail addresses, with a link to a malicious page in which users are requested to enter the data cyber-crooks are after; email addresses, bank passwords, etc. . .

“To obtain email addresses to spam, cyber-crooks buy lists of addresses on the Internet, although some are free,” claims Luis Corrons, who adds: “if we add free hosting services, the result is, cyber-crooks launching phishing attacks for no cost whatsoever”. Cyber-crooks can also choose the way in which to receive the stolen data; TXT files stored on a server, a message in their mailbox, etc.

For more information, go to the PandaLabs blog. http://www.pandalabs.com/
You can see image about this kit phishing in Flickr

About PandaLabs
Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent® Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users. More information is available in the PandaLabs blog.

For more information: http://www.pandasecurity.com/homeusers/security-info/

Source: Panda Software International
www.pandasecurity.com

2008-05-17 11:54

Back

IT News: