RealTime IT News

APWG Fingers 'Avalanche' Phishing Syndicate

The latest report from the Anti-Phishing Working Group blows the whistle on one particular gang of cyber thugs who managed to wreak unprecedented havoc in the second half of 2009, stealing banking information, credit card numbers and spreading data-swiping malware at a breakneck pace.

Dubbed "Avalanche" for its prodigious ability to set up fake Web sites and spread sophisticated malware, the group was responsible for the vast majority of phishing attacks in the last six months of 2009.

On the bright side, as eSecurity Planet reports, the group's shameless greed also made it a target for security software vendors and research groups that were eventually able to put a pretty sizeable dent its phishing empire.

Still APWG and other security experts are warning that "Avalanche" will likely set up shop using different top-level domains and bogus Web sites to continue fleecing consumers and corporations out of millions of dollars.


A group of sophisticated and proficient hackers known as the "Avalanche" gang was responsible for setting up and operating more than two-thirds of the 126,000-plus fake Web sites designed to steal Internet users' credit card numbers, bank account information and infect their PCs with malware.

Through the use of sophisticated malware and phishing tactics, the group was singlehandedly responsible for the ominous increase in worldwide phishing attacks in the last six months of 2009, according to a report released by the Anti-Phishing Working Group.

"Avalanche's impact was unprecedented," said Greg Aaron, director of key account management and domain security at Afilias and co-author of the study. "The losses by banks and individual Internet users were staggering."

Read the full story at eSecurity Planet:
Single Phishing Gang Dominated Attacks in 2009