Web Hosting News

  Home arrow Web Hosting News arrow Page 2 - Pharming a Scary Harvest
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

Pharming a Scary Harvest
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 2

    Table of Contents:
  • Pharming a Scary Harvest
  • Pharming in the News
  • New Worries: Drive-by Pharming
  • Protecting Yourself

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    Pharming a Scary Harvest - Pharming in the News

    (Page 2 of 4 )

    Two separate stories about pharming that might be referring to the same incident were reported by Host Search and donga.com. According to the Host Search story, the malicious hacker or hackers took advantage of a flaw in Microsoft software to go after the customers of 50 banks around the world. In a type of attack we've seen many times before, the victims were directed to a web site that forces a vulnerable computer to download a Trojan horse. The nasty file would download five more files from a server in Russia. Servers in three other countries were also hosting the malware.

    The hackers had sites that looked just like those of financial institutions all ready for the victims. Anyone using an infected computer to visit the legitimate versions of those sites would be redirected to the bogus ones. If they attempted to log in, they divulged their names and their passwords to the attackers.

    The story from donga.com reported more than 65 financial institutions as falling victim to the attack, including British bank Barclays, American Express, Discover, eBay, and PayPal. The attack began on February 19 in Australia and spread around the world. By February 22, the fake sites had been shut down.

    The attack was spread by a bogus email that reported the Australian Prime Minister had suffered a heart attack. Websense security firm stated that it included keylogger and phishing components. At the time Websense reported the attack, there were around 2,500 victims. Going back to donga.com's report, "The users who read the e-mail were infected with Trojan horse viruses, leading to the artificial change of the host file that connects internet addresses."

    If these kinds of attacks sound familiar, that's because they aren't completely new. They've also been referred to as "DNS cache poisoning" attacks because they involve the compromise of domain name system servers - the computers responsible for taking URLs and resolving them into the correct addresses. The technique was first outlined in 1993 in a paper released by Christoph Schuba entitled "Addressing Weaknesses in the Domain Name System Protocol." CNet reported on the problem back in mid-2005. Needless to say, it hasn't gone away.

    More Web Hosting News Articles
    More By Terri Wells


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap