Pharming a Scary Harvest - Pharming in the News
Two separate stories about pharming that might be referring to the same incident were reported by Host Search and donga.com. According to the Host Search story, the malicious hacker or hackers took advantage of a flaw in Microsoft software to go after the customers of 50 banks around the world. In a type of attack we've seen many times before, the victims were directed to a web site that forces a vulnerable computer to download a Trojan horse. The nasty file would download five more files from a server in Russia. Servers in three other countries were also hosting the malware.
The hackers had sites that looked just like those of financial institutions all ready for the victims. Anyone using an infected computer to visit the legitimate versions of those sites would be redirected to the bogus ones. If they attempted to log in, they divulged their names and their passwords to the attackers.
The story from donga.com reported more than 65 financial institutions as falling victim to the attack, including British bank Barclays, American Express, Discover, eBay, and PayPal. The attack began on February 19 in Australia and spread around the world. By February 22, the fake sites had been shut down.
The attack was spread by a bogus email that reported the Australian Prime Minister had suffered a heart attack. Security firm Websense stated that the attack included keylogger and phishing components. At the time Websense reported the attack, there were around 2,500 victims. Going back to donga.com's report, "The users who read the e-mail were infected with Trojan horse viruses, leading to the artificial change of the host file that connects internet addresses."
If these kinds of attacks sound familiar, that's because they aren't completely new. They've also been referred to as "DNS cache poisoning" attacks because they involve the compromise of domain name system servers - the computers responsible for taking the host names in URLs and resolving them into the correct addresses. The technique was first outlined in 1993 in a paper released by Christoph Schuba entitled "Addressing Weaknesses in the Domain Name System Protocol." CNet reported on the problem back in mid-2005. Needless to say, it hasn't gone away.
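The host file change described in the donga.com report can be checked for on a workstation. The following is an added example, not code from the article or from any vendor it names: it parses hosts-file text and flags entries that pin a watched financial domain to a fixed address, which bypasses DNS entirely. The watch list, domain names and sample file content are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts-file content (documentation-range addresses only).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.bank.example  bank.example   # constructed suspicious entry
198.51.100.7    LOGIN.PAYMENTS.EXAMPLE
0.0.0.0         ads.tracker.example
192.168.1.10    fileserver.corp.example
"""

# Hypothetical watch list: domains that should never be pinned in a hosts file.
WATCHED = {"bank.example", "payments.example"}

def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) per valid entry; comments are dropped."""
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # strip zone id
        except ValueError:
            continue  # malformed address: not a usable mapping
        yield n, ip, [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(host, watched):
    """Match the domain itself or any subdomain, but not lookalike suffixes."""
    return any(host == d or host.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, host, ip, kind) for every watched host pinned locally."""
    findings = []
    for n, ip, names in parse_hosts(text):
        for host in names:
            if is_watched(host, watched):
                # Loopback/unspecified only blocks the site; anything else redirects it.
                sinkhole = ip.is_loopback or ip.is_unspecified
                findings.append((n, host, str(ip), "blocked" if sinkhole else "redirect"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On a real system the same function can be fed the contents of the local hosts file, with the watch list replaced by the institutions the organisation's users actually log in to.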
More By Terri Wells