RSA Discovers Instant Phishing Sites for Script Kiddies
Here is a story that reminds us cybercrime is a lot like regular business: you develop a product and make its creation and distribution as efficient as possible. For Web admins, system admins, network managers, DBAs, etc. this often means creating scripts to do repetitive tasks. Why not do the same for setting up phishing sites?
RSA has discovered a PHP-based kit for creating phishing sites that can be run by a novice. Total time to install a site: 2 seconds.
From The Register:
The process is hardly rocket science but it does mean that a would-be fraudster needs to access a compromised server several times to install the files manually, increasing the risk that they might be identified. The new "plug-and-play" phishing kit automates this site installation process. The “kit” consists of a single PHP code file which automatically creates the relevant directories and installs files needed to run a specific phishing site. Seconds after "double clicking" and launching an installation using the kit a complete phishing site is "live". In testing in the RSA phishing lab found that a complete site could be installed in approximately two seconds.
If kits like these suffer the same limitations as virus generating programs, they'll be easy to detect. The code and directory structure will be similar enough that they should be easily identified by Google and other site scanning services. Of course when it only takes two seconds to put up a site, easy detection may not be much of a deterrent.
It may sound like "eat vegetables and get exercise" but keeping the script kiddies off our servers may be more a matter of prevention (patching, vulnerability scanning, etc.) and than detection.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
