Top Phishing Gang Turns to Malware

Leslie Meredith, TechNewsDaily Senior Writer

19 August 2010 03:37 PM ET

An internet security report released today says phishing attacks dropped 10 percent from April to June 2010 year-over-year. While reassuring at first glance, the report states cybercriminals have shifted their schemes from old-school phishing email attacks — which are designed to trick users into revealing personal information— to distributing Zeus malware, a more insidious form of cybercrime.

Phishing attacks by Avalanche, one of the most prolific cybercriminal gangs (responsible for two-thirds of the world’s phishing attacks in the second half of 2009), have disappeared, but other criminals have moved in to take its place, according to Internet Identity (IID). Phishing targets have shifted from banks to gaming, ecommerce and social networking sites, aiming to steal login information.

However, Avalanche and others have turned to distributing Zeus malware which is capable of hijacking computers, then stealing banking, social networking and email account logins, and making that information available as part of a criminal network. Once the malware has entered the user's computer, the identity theft is automatic ― eliminating the need for the unsuspecting user to supply personal information in response to a fraudulent email.

Earlier this month, security firm M86 uncovered a Zeus attack that netted over $1 million from British bank customers in from July 5 through August 4. The attack began with a malicious banner ad that led users to the malicious site where the malware was installed on both PCs and Macs. The malware captured login information, date of birth and security information to silently empty the user's bank account.

On August 2, Microsoft issued an emergency patch for supported versions of its operating system, including XP, Vista and Windows 7, in response to alerts that cybercriminals had been exploiting a vulnerability to install Zeus malware.

The U.S. continues to lead the world as the top hosting country for the origin of phishing scams .for traditional phishing volume. Canada moved from seventh to second in the report. Germany, U.K., France round out the top five. Surprisingly, Russia and China are at the bottom of the list, according to the IID report.

The sources for Zeus malware show a different worldwide distribution. Europe takes the top spot with 24 percent of malicious addresses, followed by China at 22 percent and the U.S. at 18 percent, reported Russian-based security software provider, Kaspersky Labs.