Black Hat : Honor Among Thieves?
people that are profiting from phishing, a pair of security researchers at
Black Hat have argued that most aren't all that bright.
In a presentation titled, "Bad Sushi Beating Phishers
at Their Own Game" researchers Nitesh Dhanjani and Billy Rios demonstrated (sometimes with hilarious
detail) how many phishing attempts are basic and not the work of sophisticated
phishers use readily available phishing kits. Dhanjani noted that though there
are many different phishing kits that he could find online for the most part
they're all quite similar since a lot of the functionality is stolen from each
other (so one kit steals from another and vice versa).
argued that many of the kits are using basic PHP scripts that aren't exactly
rocket science either.
In Dhanjani's view what the code
reuse in phishing kits means is that 1) Phishers are lazy 2) The phisher didn't
know how to create the kit themselves and 3) They just want to get up and running ASAP.
Even better Rios explained that he found further evidence of
phishers ripping off other phishers. Rios told the capacity audience that he
was able to find a blacklist for blacklisters. That is a list of phishers that other phishers
didn't want to do business with because they had been wronged in some way. Rios
commented that one list he found had 3500 people on it.
Talk about honor among thieves. Apparently there isn't any
when it comes to phishers.
"Phishers are not always one
step ahead of us the reality is that they rely on infrastructure that is
already in place to help them to do what they need to do," Rios said.
"It's good that these people are not as technically savvy as ninja hackers
but it's bad because basically anyone can do this."