Recently, there has been a spike in fast-flux, high-volume phishing activity. Previously, this was known as "Rock Phish" activity; however that can be considered version 1.0 - domains, hosted on a botnet, targeting multiple financial brands and their customers via phishing sites. Version 2.0 - known as Avalanche or ZBOT - is particularly troubling as they have evolved to include a malware payload, and broadened their target base by including social networking sites, government agencies, and even spoofing the email recipient's domain. While complete fraud-loss and malware infection rates are difficult to come by, Damballa research found that the Zeus Trojan - the malware payload included in the Avalanche attacks - has infected 3.6 million systems in the U.S. alone.
Fri, Dec 04, 2009