Monday, May 30, 2005

Hacking phishing sites

The latest development in the war on phishing: vigilante hackers are defacing the phishers' false store-fronts. It's an interesting idea, though probably illegal in most venues. The vigilante hackers are likely using the same exploits the phishers employed.

The ironic upshot? The phisher now must consider patching any vulnerabilities on a target machine to ensure the store-front doesn't get defaced! Who'd have thunk it - phishers patching machines to remove vulnerabilities...

Call them modern Robin Hoods, hackers who use their skills to take down Web sites used in phishing scams. Several sites that at one point hosted fraudulent Web pages designed to trick users into giving out personal data have been defaced, according to Netcraft, an Internet services company in Bath, England.

The hackers replaced the phishing sites with a warning page. Netcraft has posted several screenshots of purported defaced phishing sites.

Phishing sites often are hosted on hacked Web servers. It appears the defacers used the same server weaknesses that were exploited by the phishers to remove the phishing Web sites...

Hacking Phishing Sites

