Zombies used to host DNS for phishing

 
Fraudsters are using a botnet to host not only the malicious websites, but also the DNS servers that provide domain resolution services for the targeted domain name.

TOP STORIES Government intervenes in warrantless wiretapping lawsuit Commtouch unveils image-based spam defense Verizon sued over NSA surveillance US spy agency building database of every call ever made Email bomber heads back to court Zombie master Jeanson Ancheta sentenced to 5 years in prison New York man to settle in Washington's first spyware case US demand for college wiretaps questioned Russian virus distributor convicted Corporate instant messaging on the rise Court slams former spam king over spyware Hacker charged with stealing information from military MPAA releases new piracy loss data Spam King Alan Ralsky not jailed Consumers in the dark about latest tech buzzwords more

The new technique makes it significantly harder to shut down phishing sites.

A conventional phishing scam site can only operate for a limited time before it is shut down, normally by the ISP that hosts the site. But the criminals have started using botnets to get around the problem.

A botnet consolidates a number of zombies so that they can be organized to work together. A zombie is a machine infected by a worm or virus awaiting instructions from hackers and fraudsters.

Using a botnet, a scammer can host the same malicious site at several zombies, and when one is shut down, modify the DNS record for the domain to point to another compromised computer.

According to a recent CipherTrust study, an average of 157,000 new zombies are identified each day.

Related: Zombies everywhere

 
Save to Yahoo! My Web

Submit to Fark

Add to Del.icio.us

Add to Ma.gnolia

Submit to Reddit

Submit to Slashdot

Submit to NowPublic
 

E-mail this story     Printer-friendly version     Bookmark this page