Australia amongst global attack

By

Fifty financial institutions in the United States, Europe and the Asia-Pacific region were hit with a well crafted pharming attack this week.

Australia amongst global attack
In preparation for the attacks, hackers created mock pharming websites for each financial institution they targeted.

Researchers from Websense said attackers lured victims to a website hosting malicious code that exploited a patched Microsoft vulnerability.

Microsoft patched the flaw last May. The vulnerability requires a user to only visit a website to have his or her PC infected by malware.

In this attack, the malicious website would download a trojan known as ieexplorer.exe, which downloads more malware from Russia. The websites then display an error message asking users to shut off firewalls and anti-virus software, according to the reports.

Victimised users are then redirected to the malicious pharming websites that appear similar to legitimate financial websites. Attackers can use the collected personal information for identity fraud, or sell the details to other criminals.

Dan Hubbard, vice president of security research at Websense, told SCMagazine.com today that the attacks were well researched and designed.

"They are very well planned and thought out. Resilient infrastructures, sophisticated malcode and very good back-end control and statistic," he said.

"The use of malicious code is growing very fast. This is being used more and more and we believe it will rise in both frequency and sophistication. The attack success percentages are higher also."

ISPs have shut down websites hosting the malicious code in Germany, Estonia and the United Kingdom. The attack also installs a bot on infected PCs, according to the report.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?