http://www.networkworld.com/news/2008/120508-network-solutions-phishing-came-before.html By Robert McMillan IDG News Service 12/05/2008 A late October phishing campaign may have given online criminals the information they needed to seize control of payment processor CheckFree's Internet domain this week. On the morning of Dec. 2, attackers logged into CheckFree's domain name registration account at Network Solutions and redirected Internet traffic away from CheckFree's systems to a rogue server located in the Ukraine. During an incident that lasted just under five hours, CheckFree customers trying to connect with the company's Web site were attacked with code that exploited a bug in Adobe's Reader software. But security experts said Thursday that the groundwork for this attack may have been laid in late October, when Network Solutions customers were targeted in a phishing attack. In that attack, Network Solutions customers were sent an e-mail crafted to look like it came from the domain name registrar, asking them to enter their account information on a Web site controlled by the criminals. When these attacks are directed at a small but carefully targeted group of victims, they're called "spear phishing" in the security industry. [...] _______________________________________________ Help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Thu Dec 04 2008 - 22:32:31 PST
This archive was generated by hypermail 2.2.0 : Thu Dec 04 2008 - 22:43:35 PST