Analysis of Back-Doored Phishing Kits
نویسندگان
چکیده
This paper analyzes the “back-doored” phishing kits distributed by the infamous Mr-Brain hacking group of Morocco. These phishing kits allow an additional tier of cyber criminals to access the credentials of Internet victims. Several drop email obfuscation methods used by the hacking group are also discussed.
منابع مشابه
There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits
Phishing is a form of identity theft in which an attacker attempts to elicit confidential information from unsuspecting victims. While in the past there has been significant work on defending from phishing, much less is known about the tools and techniques used by attackers, i.e., phishers. Of particular importance to understanding the phishers’ methods and motivations are phishing kits, packag...
متن کاملReeling in Big Phish with a Deep MD5 Net
Phishing continues to grow as phishers discover new exploits and attack vectors for hosting malicious content; the traditional response using takedowns and blacklists does not appear to impede phishers significantly. A handful of law enforcement projects — for example the FBI's Digital PhishNet and the Internet Crime and Complaint Center (ic3.gov) — have demonstrated that they can collect phish...
متن کاملThe Deadliest Catch: Reeling In Big Phish With a Deep MD5 Net
Phishing continues to grow as phishers discover new exploits and attack vectors for hosting malicious content; the traditional response using takedowns and blacklists does not appear to impede phishers significantly. A handful of law enforcement projects — for example the FBI's Digital PhishNet and the Internet Crime and Complaint Center (ic3.gov) — have demonstrated that they can collect phish...
متن کاملTransaction Generators: Root Kits for Web
Current phishing attacks focus primarily on stealing user credentials such as passwords. In response, web sites are deploying stronger authentication and back-end analytics systems that make it harder for phishers to extract value from stolen passwords. As defenses against traditional phishing improve, we expect to see huge growth in the use of a different type of malware called a Transaction G...
متن کاملThe Evolution of Webinjects Boutin
Webinject fi les are now ubiquitous in the banking trojan world as a means to aid fi nancial fraud. What started as private and malware-family-dependent code has blossomed into a full ecosystem where independent coders are selling their services to botnet herders. This specialization phenomenon can be observed in underground forums, where we see a growing number of offers of comprehensive webin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011