Tuesday, May 03, 2005

Botnets Used to Host DNS for Phishing

From today's Internet Storm Center's Handlers Diary, Lenny Zeltser writes:

A recent post to the Dailydave mailing list, titled Distributed Phishing, described an incident similar to the report we received yesterday. The report outlined a large organization's battle against a botnet that implemented a phishing attack against the organization's customers. The trend to use bots for hosting phishing websites on compromised systems is not new, and was documented in the Register article titled Phishers Tapping Botnets to Automate Attacks. Using bots in this manner makes it difficult to shut down the malicious site, because the attacker can quickly modify the domain record to point to another compromised system. One way to defend against such attacks is to work with the company hosting the DNS server that resolves the malicious domain name to remove or modify the offending records.

Read more here.

0 Comments:

Post a Comment

<< Home