Very organized phishing, DNS

Very organized phishing, DNS

am 20.10.2006 04:39:08 von Jem Berkes

I was fascinated by this paypal imitation phishing fraud - www.paypalpro.hk

Here's what I thought was interesting. There are 5 DNS servers for the
domain, which are dynamic IPs scattered around the place, must be hacked
zombies. The web site itself also is served by a cluster of, again, zombies
on dynamic IPs.

So spammers now install DNS servers and distributed web servers on hacked
zombies? That's remarkable sophistication.

--
Jem Berkes
Software design for Windows and Linux/Unix-like systems
http://www.sysdesign.ca/

Re: Very organized phishing, DNS

am 20.10.2006 04:44:16 von unknown

Post removed (X-No-Archive: yes)

Re: Very organized phishing, DNS

am 20.10.2006 05:58:09 von Jem Berkes

>> So spammers now install DNS servers and distributed web servers on
>> hacked zombies? That's remarkable sophistication.
>
> They don't even use commonly known IE exploits for spoofing, this is a
> big lack of sophistication.

Yeah the appearance in the browser aside, the infrastructure they use to
carry out these crimes is impressive. Considering it's ad hoc and the
servers are running on stolen resources by remote control.

--
Jem Berkes
Software design for Windows and Linux/Unix-like systems
http://www.sysdesign.ca/

Re: Very organized phishing, DNS

am 20.10.2006 14:29:54 von unknown

Post removed (X-No-Archive: yes)

Re: Very organized phishing, DNS

am 13.12.2006 05:34:32 von warf

Sebastian Gottschalk wrote:

> Jem Berkes wrote:
>
>
>>>>So spammers now install DNS servers and distributed web servers on
>>>>hacked zombies? That's remarkable sophistication.
>>>
>>>They don't even use commonly known IE exploits for spoofing, this is a
>>>big lack of sophistication.
>>
>>Yeah the appearance in the browser aside, the infrastructure they use to
>>carry out these crimes is impressive. Considering it's ad hoc and the
>>servers are running on stolen resources by remote control.
>
>
> So far nothing special. The big botnets are somewhat larger than this
> little application.

And this is why "I" feel it is important to bite tongues and assist the
unknowledgeable that come looking for advice....like me....when they
discover that things like netbios scan from xxxx.xx.xx.xx.ru happens
daily and is not just interesting news.
Kinda like driving isn't it; no matter how safe you are the ignorant
will get _you_ directly or indirectly.
Miffed