Oct
13
2008
Today
 

access   avg   backup   business   click   computer   customers   data   files   information   internet   into   its   microsoft   network   not   online   security   server   service   services   singapore   site   software   spector   tape   text   users   vista   web   windows  

Created with AkoCloud 1.1 final.

Subscribe Newsletter

Subscriber List


Receive HTML?

WebSearch Here
Translate This Website
 
Infamous Vendor Of AntiVirus XP Badware Sued   Scheduled Com/Net Production Maintenance Notification   About Stellar Information   Sony Recalls 440,000 Vaio Laptops   Promotions   What is Blogging... Exactly?   Marketing Services for the Internet   What You Should Know About Ecommerce Web Hosting   Why You Need A Computer Firewall   Getting Backlinks The Easy Way   CCTV Home Security   FrontPage   Beware Of Malicious Fake Adobe Flash Player   Pacific LANWorks Awarded As AVG Gold Reseller   Alibaba Retains Its Independence To Yahoo
Recover lost or deleted partitions
New Malware Enhanced Phishing Technique PDF Print E-mail
Sunday, 27 April 2008
The RSASM Anti-Fraud Command Center (AFCC) has recently uncovered a new series of attacks from the Rock Phish group, launched in order to infect unsuspecting users with financial crimeware.

The Rock Phish group is a set of criminals believed to be based in Europe who have been targeting financial institutions worldwide since 2004.

Rock Phish attacks are estimated to account for more than 50% of phishing attacks world-wide and to be responsible for the theft of tens of millions of dollars from users’ bank accounts. However, until now, the group has not deployed financial crimeware as part of its attack methodology.
The new Rock Phish attacks combine both phishing techniques and crimeware. Victims of these phishing attacks not only have their personal data stolen – but they are then also infected with the Zeus Trojan. Once infected, the Trojan is capable of stealing additional information, such as personal data transmitted while interacting with other websites.

United States & Canada - Storm Trojan Outbreak


The attacks were detected by the RSA 24x7 Anti-Fraud Command Center with support from security analysts that work on RSA’s FraudAction Anti-Trojan Service team. This experienced team of fraud analysts works to detect and qualify phishing sites, shut them down, deploy countermeasures, and conduct extensive forensic work to catch fraudsters and prevent future attacks.
United States - Norton AntiVirus 2007

The team’s phishing forensics expertise enabled the AFCC to trace the malware infection resources within these attacks. RSA’s FraudAction Anti-Trojan Service analysts are very familiar with the Zeus Trojan: they closely track the distribution of this Trojan, and are often able to identify the propagation of Zeus variants before they are detected by most anti-virus software tools.
The RSA Anti-Trojan Service mitigates Trojan threats by tackling the Trojan’s communication channels – including its infection, drop and ‘command & control’ points – and the AFCC works to block the drop-zones. In this way, even if a user has already been infected with the Zeus Trojan, the Trojan will be unable to communicate with its drop-zone, rendering the attack much less effective.
In addition, the source of the Zeus infection will be traced and shut down by the AFCC, and will not be usable in future phishing attacks.
So far, RSA’s FraudAction Anti-Trojan Service has detected more than 150 variants of the Zeus Trojan targeting customers of financial institutions and other organizations worldwide.



Reddit!Del.icio.us!Facebook!Slashdot!Netscape!Technorati!StumbleUpon!Newsvine!Furl!Yahoo!Ma.gnolia!Free social bookmarking plugins and extensions for Joomla! websites!
 
< Prev   Next >
[ Back ]