
August 26th, 2008

Feel like taunting an identity thief? Don't.

Posted by Ryan Naraine @ 3:06 pm

Categories: Adobe, Anti Virus, Botnets, Browsers, Data theft, Flash, Malware, Patch Watch, Phishing, Rootkits, Spam and Phishing, Spyware and Adware, Vulnerability research

Tags: Identity Thief, Asprox, Phishing, Cyberthreats, Spam, Spyware, Adware & Malware, Banking, Viruses And Worms, Security, Spam And Phishing

[ Image: Phishers bite back ]

The next time you get the urge to enter angry messages to phishers on fake (malicious) Web sites, stop and consider this discovery by researcher Joe Stewart.

The identity thieves behind the Asprox botnet have built extra logic into phishing sites to detect taunts and subject those computer users to drive-by malware exploits.

“If you are running Windows and haven’t recently installed your security updates and patched all your browser plugins/ActiveX controls, you might find yourself infected with your very own copy of Asprox,” Stewart warns.

Not only do you then get the opportunity to unknowingly send phishing emails on behalf of the botnet, you will likely get some extra goodies, since Asprox is also a downloader trojan. You won’t notice it running, but you might notice some of the things it downloads and installs.

For instance, you might find your desktop wallpaper changed to a “spyware alert” type of message, and now all your screen saver shows is scary blue-screens-of-death.


Stewart posts screen shots with evidence that the Asprox botnet operators are linked to the attackers behind the rogue security software (scareware) attacks.

And at any time, Asprox might deliver another malicious payload and install it for you - and it could be much worse: we’ve seen the Zbot banking trojan installed by Asprox in the past. So instead of dealing with a nuisance program, you might be silently sending your banking and credit card information to the botnet owners. Something to think about before venting your frustrations on the bad guys. Sometimes phish bite back.

* Image source: David Locke’s Flickr photostream (Creative Commons 2.0)

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.



