Saturday March 13, 2010 3:58 AM AEST

SC Magazine Australia/NZ > News > Vulnerabilities & Exploits > Malware > Hosting services under attack

Vulnerability Alerts

SANS

Microsoft

MS10-017 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) - Version:1.1
Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution

CERT/CC

Latest Comments

"Thanks fot the information you provided! It's really useful site and I'm glad that came across ..."

on TJX ringleader pleads guilty

by Lora | Mar 13, 2010 1:00 AM

"Mifare 1K,4K,DESfire 4K,Sle4442,T5577,PVC card,KeyFob,ID card,Magstripe card Dear Sir/Madam, ..."

on Sun Microsystems addresses critical Java flaws

by Jucy | Mar 12, 2010 1:05 PM

"Hi Everybody Guys>> How r u? >>I Am S.M.Moshin Arafat (jony) >> I Am a Very Simple Person & I ..."

on Ads on Facebook serving up adware

by Moshin Arafat | Mar 12, 2010 10:29 AM

"Sounds funny. Did they ever tell the customers in plainly-worded language that the co-lo space ..."

on Datacom data centre flooded by Melbourne storm

by Dave - The Network Mule | Mar 11, 2010 10:28 AM

"Sunglasses of wto-store.com www.wto-store.com Versace Sunglasses http://wto-store.com/catego..."

on Web 2.0: Attack of the JavaScript malware

by Luxury Handbags 100% Authentic, 2010 Lastest Styles, Buy Now! | Mar 10, 2010 8:59 PM

Malware

Hosting services under attack

Phishing attack aims for site credentials.

A new phishing attack is targeting webmasters in an attempt to gain access to site credentials.

According to security firm Trusteer, the attack targets cPanel, a popular management tool for web hosts.

The attackers have sent out emails claiming to originate from the hosting firms.

The emails tell the user that due to maintenance activities all FTP credentials must be updated. The message contains a link to a phishing site which asks for log-in information.

Researchers say that the attack is meant as an attempt to harvest FTP logins for webmasters. Once the logins have been collected, the accounts are then accessed and the sites used to host phishing pages targeting users of online banking sites and other financial services.

Trusteer chief technology officer Amit Klein said that the tie-in to bank phishing was of particular interest and could signal a dangerous new trend in the way online fraud operations are run.

"The ability to upload arbitrary content into relatively small and less popular sites may seem un-interesting fraud-wise. However, evidence we have collected over the past few months connects cPanel-driven sites to online banking fraud," said Klein.

"By stealing cPanel login credentials, criminals do not need to use hacking tools to upload content to a website, and therefore can avoid detection until after they have siphoned funds from consumer and business banking accounts."

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Vulnerabilities & Exploits Whitepapers

Hosting services under attack

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management