
Two-Thirds Of All Phishing Attacks Generated By A Single Criminal Group, Researchers Say
Security
Written by Daniel   
Friday, 14 May 2010 18:53

From Dark Reading

'Avalanche' syndicate accounted for 66 percent of phishing in the second half of 2009, APWG reports

Like convenience stores and fast-food restaurants, phishing is no longer a mom-and-pop operation, according to a study released today.

A single crime syndicate dubbed "Avalanche" was responsible for some 66 percent of the phishing traffic generated in the second half of 2009, according to a report (PDF) published by the Anti-Phishing Working Group (APWG).

 



"Avalanche" is the name given to the world's most prolific phishing gang and to the infrastructure it uses to host phishing sites, according to APWG. "This criminal enterprise perfected a system for deploying mass-produced phishing sites, and for distributing malware that gives the gang additional capabilities for theft," the study says.

Avalanche successfully targeted some 40 banks and online service providers, as well as vulnerable or nonresponsive domain name registrars and registries, in the second half of 2009, according to APWG.

Avalanche could be a successor to the "Rock Phish" criminal operation, which became notorious between 2006 and 2008, APWG says.

"The Rock was the first to bring significant scale and automation to phishing," the report states. "The Rock registered domain names regularly and in large numbers, used fast-flux hosting to support its phishing Web sites and extend their uptimes, and usually placed about six discrete phishing attacks on each domain name."

Avalanche was first seen in December 2008, and was responsible for 24 percent of the phishing attacks recorded in the first half of 2009, the study says. "Avalanche uses the Rock's techniques but improves upon them, introducing greater volume and sophistication," it says.

To speed its spread of attacks, Avalanche runs on a botnet and uses fast-flux hosting that makes mitigation efforts more difficult, APWG says. "There is no ISP or hosting provider who has control of the hosting and can take the phishing pages down, and the domain name itself must be suspended by the domain registrar or registry," the report notes.


 
