Replacing Phishers with a Small Shell Script: Jakarta Bombing Malware
Almost on cue, with the news of the bombing in Jakarta, the bottom-feeders of the black-hatters have started to put up Jakarta-related phishing schemes. The first wave seems to be more of the fake anti-virus variety and Threat Expert has a write up on that malware. Nothing seems particularly interesting on it.
It would be a novel invention (but probably unworkable) if domain registrars could simply halt registrations for "crisis-related" domains to slow this kind of thing down (and the same for web advertisement services like Google). A list of hostile domains is on its way to various security researcher lists, but keep an eye for Jakarta-related phishing attacks.
John Bambenek
bambenek /at/ gmail dot com
Jul 18th 2009
1 decade ago