Network Solutions phishing came before Web attack

[InfoSec News <alerts () infosecnews org>]

http://www.networkworld.com/news/2008/120508-network-solutions-phishing-came-before.html

By Robert McMillan 
IDG News Service 
12/05/2008 

A late October phishing campaign may have given online criminals the 
information they needed to seize control of payment processor 
CheckFree's Internet domain this week.

On the morning of Dec. 2, attackers logged into CheckFree's domain name 
registration account at Network Solutions and redirected Internet 
traffic away from CheckFree's systems to a rogue server located in the 
Ukraine. During an incident that lasted just under five hours, CheckFree 
customers trying to connect with the company's Web site were attacked 
with code that exploited a bug in Adobe's Reader software.

But security experts said Thursday that the groundwork for this attack 
may have been laid in late October, when Network Solutions customers 
were targeted in a phishing attack.

In that attack, Network Solutions customers were sent an e-mail crafted 
to look like it came from the domain name registrar, asking them to 
enter their account information on a Web site controlled by the 
criminals. When these attacks are directed at a small but carefully 
targeted group of victims, they're called "spear phishing" in the 
security industry.

[...]


_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html