'Freeware' phishing kit dupes s'kiddies Skilled malware authors have duped less skilled cybercrooks into doing their dirty work with a new phishing kit. A "freeware" phishing kit posted onto hacker forums poses as a way to set up fraudulent websites pretending to be, for example, PayPal or webmail providers. Spam emails masquerading as security checks are then …
I've not seen this with phishing kits, but seeing as the massmailer php scripts leaked out to spammers often contain a line or so of mysterious base64, which you can decode to find the page phoning home with a big old list of email addresses to add to the script supplier's own private spam lists, I'm far from shocked.
Ah, those pesky arabs... committing economic warfare against the unsuspecting west again using our own stupidity against us. First they came at us with that whole zero-nine numbering scam (clearly bringing the downfall of Rome), then that whole religion thing (as if two Abraham lineages weren't enough bother), then they suckered us into a civilization based on petroleum -- and now this. When will it end?
Paris... because she'd never let herself get hacked. Oh, wait...
...Rock Phish, which has been around since 2005; thus, this sort of thing is not new at all, as far as the objective of this "new freeware" is concerned. It *is*, however, interesting to note that it started in the cloud now. Looks like we're about to see more of the usual tricks we see now (or at least those that can be deemed effective) done there. From "in the wild" to "in the cloud"? Ah well, whatever. Let's drink to that!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
