Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phishing Group Caught Stealing From Other Phishers

Posted by samzenpus on from the what's-good-for-the-goose dept.

An anonymous reader writes "Netcraft has written about a website offering free phishing kits with one ironic twist — they all contain backdoors to steal stolen credentials from the fraudsters that deploy them. Deliberately deceptive code inside the kits means that script kiddies are unlikely to realize that any captured credit card numbers also end up getting sent to the people who made the phishing kits. The same group was also responsible for another backdoored phishing kit used against Bank of America earlier this month."

2 of 129 comments (clear)

  1. Re:How times have changed: you can't trust.....wai by cortesoft · · Score: 5, Interesting

    Except they are actually double feeding off innocent people.... some poor chap's info gets stolen by both the guy who deployed the phishing kit and the guy who wrote it.... which means its probably at least twice as likely to get used for fraud.

  2. This is really sad.. by DigitAl56K · · Score: 5, Interesting

    .. you just can't trust malware anymore!

    Really though, this is nothing new. IIRC, some builds of Sub7 had a reverse backdoor (not covered in the wiki article), as well as a master password that let the Sub7 crew take over a server (covered by the wiki article), and some builds even included hard drive killer when the master password was in use.