Imperva finds master hacker dupes 200,000 strong phisher army
Unlike previous phishing kits that have been available for years, this new approach lives in the cloud and relies on hackers exploiting other hackers. And with the new cloudbased approach, the infrastructure for this phishing kit never goes away.
This attack highlights an interesting twistthere's no honor among thieves. Two master hackers wrote and then posted a phishing kit into hacker forums. The irony is that anyone using this kit becomes an unknowing member of the master hacker's army. When hackers use this kit and deploy a successful phishing campaign, all the stolen credentials and information goes straight back to the master hacker without the proxy hacker's knowledge. It's very clever. The master hacker never needs to conduct a campaign to see financial gain.
Amichai Shulman, CTO at Imperva who discovered his campaign is available for interviews to discuss:
- How this attack works
- Who created it
- What the master hacker will gain
- A step by step explanation of what happens
- An insight into the business model.