Hosting services under attack

By

Phishing attack aims for site credentials.

A new phishing attack is targeting webmasters in an attempt to gain access to site credentials.

According to security firm Trusteer, the attack targets cPanel, a popular management tool for web hosts.

The attackers have sent out emails claiming to originate from the hosting firms.

The emails tell the user that due to maintenance activities all FTP credentials must be updated. The message contains a link to a phishing site which asks for log-in information.

Researchers say that the attack is meant as an attempt to harvest FTP logins for webmasters. Once the logins have been collected, the accounts are then accessed and the sites used to host phishing pages targeting users of online banking sites and other financial services.

Trusteer chief technology officer Amit Klein said that the tie-in to bank phishing was of particular interest and could signal a dangerous new trend in the way online fraud operations are run.

"The ability to upload arbitrary content into relatively small and less popular sites may seem un-interesting fraud-wise. However, evidence we have collected over the past few months connects cPanel-driven sites to online banking fraud," said Klein.

"By stealing cPanel login credentials, criminals do not need to use hacking tools to upload content to a website, and therefore can avoid detection until after they have siphoned funds from consumer and business banking accounts."

Hosting services under attack
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?