- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Do cybergangs work on evil “product upgrades” to improve their crimeware and attack methods?
That's what RSA, the security division of EMC, claims is happening with the Rock Phish gang, described as an East European cybercrime group responsible for creating botnets used in phishing attacks to steal personal information.
"Rock Phish is making an investment in their own infrastructure by upgrading their botnet," says Sean Brady, product marketing manager at RSA. RSA, whose FraudAction Research Lab has posted a blog item on the topic, says the end result could be a surge in phishing attacks in the near future.
RSA claims Rock Phish, which introduced the Zeus (a/ka WSNPOEM) Trojan last April, has been making changes to its Command & Control Server by linking it with the so-called Asprox botnet. Brady says the Asprox botnet "is a more advanced fast-flux network" for propagating phishing attacks.
The Asprox botnet gained attention earlier this year when it was linked to a massive wave of SQL-injection attacks that compromised Web sites.
According to RSA, the number of worldwide phishing attacks dropped substantially from 13,695 in June to just 9,294 in July and 7,099 in August. RSA theorizes this drop is directly due to the Rock Phish gang migrating away from its "classic Rock Phish attacks" as their effort is put into linking into the more powerful Asprox botnet. Consequently, RSA theorizes that soon the number of worldwide phishing attacks may jump again very quickly.
"There will be a return to the volumes of spring and summer," Brady predicts.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (4)
Yes, CIA is the secret government...By Anonymous on September 10, 2008, 7:48 amYes, CIA is the secret government. You sure found that out fast.
Reply | Read entire comment
War on cyper crime?By tuomoks on September 6, 2008, 3:11 amAssassinations might work to some extent but not really solve the problems. Criminals are opportunists (as any entrepreneur, just different moral view - I hope!)...
Reply | Read entire comment
Kill the cybergang bangers?By Schratboy on September 5, 2008, 8:25 pmJeesh! Can't you just admit that RSA is merely chumming for business?!
Reply | Read entire comment
Assassination Anyone?By Anonymous on September 5, 2008, 3:11 pmAssassination should be the standard response of the United States secret government (read: CIA) for these types of criminals. I can't believe that we have no...
Reply | Read entire comment
View all comments