Posted by: kenwbudd | July 23, 2010

Phishing in the Cloud – The game that never ends

A new attack has been uncovered using a phishing kit that has an indestructible infrastructure due to its residence in the cloud.

In the majority of phishing schemes when the main server is taken down the main collection point is also removed, but with this kit the data collection space is hosted separately from the phishing websites, Imperva discovered.

Once a server is taken out, all hackers need to do with the cloud-based kit is to re-post the web front end in a new location.

Imperva explained this case is also interesting for its provenance and operation.

Created by two “master hackers”, the phishing kit was posted on hacker forums. Those who used the kit then became part of the master hackers’ “army”, meaning all the data they acquired went back to the creators, who did not have to put in the hours implementing the attack.

“To some extent this is malware-as-a-service,” Shulman said, adding that the attack shows how hackers prefer to abuse the technologies that people are widely using – in this case the cloud.

“This is definitely showing a shift from the normal phishing models that we have seen so far.” Shulman said.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: