Plish

Quebec provincial police conducted raids on Wednesday, breaking up a hacking ring said to be responsible for an estimated CDN$45 million in damage to computer systems. Police did not release names of the accused who range in age from 17 to 26 years old. Three are minors.

In a videotaped press conference posted to the police agency’s Web site, Capt. Frederick Gaudreau, of the Surete du Quebec, said the hackers installed remote-controlled botnet software on victims’ machines in order to run phishing and spamming operations. The botnet is believed to contain up to one million zombie PCs, spanning 100 countries around the globe.

If convicted of computer hacking charges, the accused could face 10 years in prison, Gaudreau said.

Police confiscated computer equipment during the raids, and information found on the machines may lead to more charges against other alleged ring members.

{ 0 comments }

One of my favourite bloggers is Paperghost, aka Christopher Boyd, security researcher and malware basher.

After reading his latest entry at Vitalsecurity I thought I’d share this link.

Rise Up With Fists, Strike Down With Vengeance

For the past week or so, I’ve been following a bunch of supposedly uber-cool hackers getting their kicks from phishing, social engineering and fake hacking programs. They make money from their scummery and make no attempts to hide their identities. Their ages ranged from 11 to 13 years old.

PG has such a way with words, it’s a funny read.

{ 0 comments }

IEBlog

Steve Reynolds
Program Manager

This update addresses an issue experienced by some users where CPU usage is high when they are navigating a page that contains multiple frames or when multiple frames are navigated simultaneously. This occurs when the phishing filter evaluates the page for each navigation, resulting in multiple simultaneous evaluations for the same page.

If you have experienced any such performance issues, you are encouraged to download and install this update.

This update is now available on Windows Update for Windows Vista users and will be made available in February for Windows XP and Windows Server 2003 users. All users can download it now here along with related KB article 928089.

The MySpace saga continues:

Netcraft has discovered that the social networking site, MySpace, appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form is designed to submit the victim’s username and password to a remote server hosted in France.

Article

PCWorld Reports that the attack was shut down by MySpace around 10 a.m. Pacific this morning.
Apprantly the attacker had registered an account named login_home_index_html, therefore the MySpace page hosting the fake login appeared to be a legitimate place where users could sign onto the service.

If, as is typical with such sites, MySpace has a database of user names that are off limits why did they allow the registration of login_home_index_html ?

Beats me and just another reason MySpace is blocked in my household.

US Microsoft consultants 3Sharp LLC undertook a six week study testing several Anti-Phishing tools for overall accuracy; including Netscape, McAfee, EarthLink, eBay, GeoTrust, Google using Firefox, Microsoft Internet Explorer 7, and Netcraft.

The IE Team comments on the Anti-Phishing Accuracy Study and the unique approach Microsoft has taken to combine a service-backed block list with client-side heuristics.

The full report ‘Gone Phishing: Evaluating Anti-Phishing Tools for Windows’ (PDF) can be downloaded here.

{ 0 comments }

Blog.spywareguide
Posted by Paperghost on July 6, 2006

Yep, it’s Yap time again. The Yap (of course) being Yapbrowser - a free web-browser that served up a whole lot more than end-users were probably bargaining for. Just when you think there’s nothing more to write about, something else pops up and gets the whole story moving again. In this case, a tip from RinCe illustrates that there are some people who will still take a gamble on one of the strangest browser stories in years. Step up to the plate, Searchwebme (you’ll need to scroll down to the entry dated Tuesday, 12th June):

InfoWorld
By Roger A. Grimes
May 01, 2006

Robbing a brick-and-mortar bank seems like petty theft compared with a new breed of cybercrime that, according to a growing number of security experts, is siphoning untold millions of dollars from banks and their customers using SSL-evading Trojans and ever more refined phishing techniques.

Phishing with a hook
Phishing remains the weapon of choice for online bank theft — and the sleight of hand that tricks users into visiting a phishing Web site continues to get more sophisticated. Phishing e-mails now show up with the user’s address, ZIP code, or account information already filled in, indicating that professional criminals are using other, previously compromised resources to gain the trust of consumers.

Fighting the last war
Most banks and e-commerce sites fall one step behind, responding to Trojans that steal log-on credentials by creating more complex authentication schemes and implementing two-factor authentication solutions. Today, banks frequently require that users click on-screen, randomized keyboards; type in the random letters of a “magic word�?; or enter information from a hardware-based cryptographic key fob. None of these solutions works against the new breed of SSL-evading Trojans.

Copyright © is the original authors

Sites represent a growing movement to fight back against growing security problem
InfoWorld
By Robert McMillan, IDG News Service
March 27, 2006

Security vendors are launching two Web sites aimed at helping people report and avoid phishing attacks. The Phishing Incident Reporting and Termination Squad (PIRT) is as a volunteer effort designed to take down phishing sites; CipherTrust’s PhishRegistry.org site, due to be launched Tuesday, will be a service designed to warn legitimate Web sites when they are being spoofed by phishers.

Last week, Microsoft pledged to bring about 100 legal actions against phishers in Europe, the Middle East and Africa (EMEA) over the next few months. Organizations such as the Anti-Phishing Working Group and Digital PhishNet already have been formed to combat this growing problem.

Better Website Identification and Extended Validation Certificates in IE7 and Other Browsers.
IEBlog

Berkeley researchers propose a Mozilla extension to stop phishing. (pdf)

MIT spam conference focuses on phishing.
By Cara Garretson
NetworkWorld.com
03/29/06