Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Small Business

    ‘Avalanche’ Cyber Gang Dominated Phishing Attacks

    By
    Brian Prince
    -
    May 13, 2010
    Share
    Facebook
    Twitter
    Linkedin

      New research from the Anti-Phishing Working Group (APWG) ties a single crime syndicate to more than 60 percent of the phishing attacks in the second half of 2009.

      According to the report (PDF), a cyber-gang known as Avalanche was responsible for 66 percent of all phishing attacks during the last six months of 2009 and successfully targeted some 40 banks and online service providers. Also hit were vulnerable or non-responsive domain name registrars and registries. Besides phishing, the group also used its infrastructure to push the notorious Zeus Trojan.

      “Avalanche’s impact was unprecedented,” said Greg Aaron, director of key account management and domain security at Afilias and co-author of the study, in a statement. “This one criminal group was responsible for two-thirds of the world’s phishing, and also combined it with sophisticated crimeware distribution. The losses by banks and individual Internet users were staggering.”

      According to APWG, there are indications the Avalanche crew is a successor to the infamous Rock Phish gang that operated from 2006 to 2008. Avalanche appeared in December of 2008, and was responsible for 24 percent of the phishing attacks in the first half of 2009.

      “The Rock was the first to bring significant scale and automation to phishing,” the report states. “The Rock registered domain names regularly and in large numbers, used fast-flux hosting to support its phishing Web sites and extend their uptimes, and usually placed about six discrete phishing attacks on each domain name.”

      Avalanche improved upon the Rock Phish gang’s techniques, hosting domains on a botnet consisting of compromised computers. Since no ISP or hosting provider has control of the hosting and can take the pages down, the domain name itself must be suspended by the domain registrar or registry – making mitigation more difficult, the APWG noted.

      In mid-November however security researchers were able to disrupt the group’s botnet for about a week, and since then gang has launched fewer attacks. By March 2010, Avalanche was hosting only one phishing attack on each domain it registered, and the number of attacks fell from 7,089 in November to just 59 in April 2010, according to the report.

      “Avalanche’s relentless activities led to the development of some very effective counter-measures,” explained Rod Rasmussen, founder and CTO of Internet Identity and co-author of the study, in a statement. “The data shows that the anti-phishing community — including the target institutions, security responders, and domain name registries and registrars — got very good at identifying and shutting down Avalanche’s attacks on a day-to-day basis.”

      Avatar
      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×