Very organized phishing, DNS

I was fascinated by this PayPal imitation phishing fraud - www.paypalpro.hk

Here's what I thought was interesting. There are 5 DNS servers for the
domain, which are dynamic IPs scattered around the place, must be hacked
zombies. The web site itself also is served by a cluster of, again, zombies
on dynamic IPs.

So spammers now install DNS servers and distributed web servers on hacked
zombies? That's remarkable sophistication.

--
Jem Berkes
Software design for Windows and Linux/Unix-like systems
http://www.sysdesign.ca/
Jem Berkes [ Fri, 20 October 2006 04:39 ] [ ID #1508287 ]
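
The pattern described in the post above (a domain's name servers and web hosts both spread over dynamic IPs in many networks) can be scored from DNS observations. This is an added example, not part of the original thread; the thresholds, the PTR keyword list and all sample records are constructed assumptions.

```python
import ipaddress
import re

# Assumption: PTR-name tokens that often mark consumer/dynamic address pools.
DYNAMIC_HINT = re.compile(r"dyn|dsl|dhcp|dial|pool|cable|ppp", re.I)

def network_spread(ips, prefix=16):
    """Count the distinct /prefix networks the addresses fall into."""
    return len({ipaddress.ip_network(f"{ip}/{prefix}", strict=False) for ip in ips})

def dynamic_fraction(hosts):
    """Share of (ip, ptr) pairs whose PTR name looks like a dynamic pool."""
    if not hosts:
        return 0.0
    return sum(1 for _, ptr in hosts if ptr and DYNAMIC_HINT.search(ptr)) / len(hosts)

def assess(obs, min_spread=3, min_dynamic=0.6):
    """Score the name servers ('ns') and web hosts ('a') of one domain."""
    report = {}
    for role in ("ns", "a"):
        hosts = obs.get(role, [])
        spread = network_spread(ip for ip, _ in hosts)
        dyn = round(dynamic_fraction(hosts), 2)
        report[role] = {"hosts": len(hosts), "spread": spread, "dynamic": dyn,
                        "suspicious": spread >= min_spread and dyn >= min_dynamic}
    both = report["ns"]["suspicious"] and report["a"]["suspicious"]
    report["verdict"] = "review" if both else "ok"
    return report

# Constructed observations (documentation address ranges, made-up PTR names).
SUSPECT = {
    "ns": [("192.0.2.17", "dsl-17.isp-a.example"), ("198.51.100.44", "pool-44.isp-b.example"),
           ("203.0.113.9", "dhcp-9.isp-c.example"), ("192.0.2.130", "cable-130.isp-a.example"),
           ("198.51.100.7", "static-7.isp-b.example")],
    "a": [("203.0.113.60", "ppp-60.isp-c.example"), ("192.0.2.61", "dyn-61.isp-a.example"),
          ("198.51.100.62", "dsl-62.isp-b.example"), ("203.0.113.63", None)],
}
BENIGN = {
    "ns": [("192.0.2.53", "ns1.hosting.example"), ("192.0.2.54", "ns2.hosting.example")],
    "a": [("192.0.2.80", "www.hosting.example")],
}

if __name__ == "__main__":
    for name, obs in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(name, assess(obs))
```

A "review" verdict only flags a domain for a human to look at; legitimate services hosted across several networks can also show a wide spread, which is why the dynamic-pool share is required as well.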

Re: Very organized phishing, DNS

Post removed (X-No-Archive: yes)
Notifier Deamon [ Fri, 20 October 2006 04:44 ] [ ID #1508288 ]

Re: Very organized phishing, DNS

>> So spammers now install DNS servers and distributed web servers on
>> hacked zombies? That's remarkable sophistication.
>
> They don't even use commonly known IE exploits for spoofing, this is a
> big lack of sophistication.

Yeah the appearance in the browser aside, the infrastructure they use to
carry out these crimes is impressive. Considering it's ad hoc and the
servers are running on stolen resources by remote control.

--
Jem Berkes
Software design for Windows and Linux/Unix-like systems
http://www.sysdesign.ca/
Jem Berkes [ Fri, 20 October 2006 05:58 ] [ ID #1508289 ]

Re: Very organized phishing, DNS

Post removed (X-No-Archive: yes)
Notifier Deamon [ Fri, 20 October 2006 14:29 ] [ ID #1508292 ]

Re: Very organized phishing, DNS

Sebastian Gottschalk wrote:

> Jem Berkes wrote:
>
>>>> So spammers now install DNS servers and distributed web servers on
>>>> hacked zombies? That's remarkable sophistication.
>>>
>>> They don't even use commonly known IE exploits for spoofing, this is a
>>> big lack of sophistication.
>>
>> Yeah the appearance in the browser aside, the infrastructure they use to
>> carry out these crimes is impressive. Considering it's ad hoc and the
>> servers are running on stolen resources by remote control.
>
> So far nothing special. The big botnets are somewhat larger than this
> little application.

And this is why "I" feel it is important to bite tongues and assist the
unknowledgeable that come looking for advice... like me... when they
discover that things like NetBIOS scans from xxxx.xx.xx.xx.ru happen
daily and are not just interesting news.
Kinda like driving, isn't it; no matter how safe you are, the ignorant
will get _you_ directly or indirectly.
Miffed
warf [ Wed, 13 December 2006 05:34 ] [ ID #1567229 ]