Now this is a pretty surprising figure, we all know Phishing has become a big issue in recent years especially for financial institutions, but it still amazes me two-thirds of all attacks can come from a single group! It’s been a major issue concerning computer security in general, consumer privacy and companies like PayPal have had a lot of problems with phishing attacks.
Apparently Avalanche arose from members of Rock Phish which we wrote about accounting for 50% of all phishing attacks back in 2007.
It seems that phishing is growing into a fairly huge business for some people.
A single criminal operation was responsible for two-thirds of all phishing attacks in the second half of 2009 and is responsible for a two-fold increase in the crime, a report published this week said.
The Avalanche gang is believed to have risen out of the ashes of the Rock Phish outfit, which by some estimates was responsible for half the world’s phishing attacks before fizzling out in late 2008. Driving the success of both groups is their use of state-of-the-art technology for mass-producing imposter websites and distributing huge amounts of crimeware for automating identity theft.
“Avalanche uses the Rock’s techniques but improved upon them, introducing greater volume and sophistication,” the report, released by the Anti-Phishing Working Group, stated.
They are definitely getting more sophisticated as I remember phishing attacks when they first originated and they were really very basic, generally riddled with typos and spelling mistakes and weren’t particularly convincing to anyone.
Now, especially with CSRF/XSS/iframe injection attacks on major websites, phishing gangs have a lot more ways to spoof legitimate looking URLs.
Central to Avalanche’s success is its use of fast-flux botnets to host phishing sites. The use of peer-to-peer communications makes it impossible for a single ISP or hosting provider to to pull the plug on the infrastructure. The gang also excels at launching attacks from a relatively small number of domain names that often appear confusingly identical to each other, such as 11f1iili.com and 11t1jtiil.com. Those abilities also fuel the success.
There were 126,697 phishing attacks during the second half of 2009, more than double the number in the first half of the year or from July through December of 2008, the APWG report said. Avalanche, which was first identified in December of 2008, was responsible for 24 percent of phishing attacks in the first half of 2009 and for 66 percent in the second half. From July through the end of the year, Avalanche targeted the more than 40 major financial institutions, online services, and job search providers.
Curiously, Avalanche may turn out to be a victim of its own success.
The average uptime for each Avalanche phishing attack is much shorter than from other people due to awareness of their gang and tactics, obviously being infamous doesn’t work in their advantage. Perhaps time for them to rethink their strategies.
Remember anti-virus software, firewalls and even the anti-phishing features built into Internet Explorer and Firefox can’t really help with phishing, it’s more a social problem. So if you get the chance do try and educate the less tech-savvy around you about the risks.
You can find the full report here:
Source: The Register