Menu
Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Media Alert: RSA AFCC detects new customised Rock Phish Trojan targeting business bankers

  • 17 June, 2008 10:04

<p>RSA, The Security Division of EMC, today released highlights from its online fraud report for May 2008. This month the RSA Anti-Fraud Command Centre (AFCC) detected a new Rock Phish attack variant which aims to infect victims with a new and unfamiliar Trojan. RSA had not seen this particular crimeware before, and has not seen it used by any other group. It is believed to be the custom work of the Rock Phish gang.</p>
<p>The AFCC noted that The Rock Phish attacks containing the new Trojan are aimed at the business account holders of several financial institutions. Victims of these phishing attacks are duped into downloading a Trojan which infects their computers when they visit the last page of the Rock Phish scam. Some social engineering text on this final page is designed to convince the victim to download a "certificate" file which will update their computer. The subterfuge is that the certificate will supposedly enable the user to successfully access his/her online banking account in the future. When in fact the crimeware allows fraudsters to extract information and filter it as it arrives at the drop point. It is also interesting to note that the fraudsters capture ICQ usernames and passwords, and FTP credentials. In order to protect itself from security researchers and reverse-engineering the crimeware's communication with the mother ship is encrypted.</p>
<p>The above details suggest that the Trojan in question is not a familiar one, but rather a new Trojan recently introduced by the Rock Phish gang alone. In addition, the social engineering infection vector is one that had not previously been used by the Rock group.</p>
<p># # #</p>
<p><b>About RSA</b></p>
<p>RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle – no matter where it moves, who accesses it or how it is used.</p>
<p>RSA offers industry-leading solutions in identity assurance &amp; access control, data loss prevention, encryption &amp; key management, compliance &amp; security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.</p>
<p><b>About The Rock Phish Gang</b></p>
<p>The notorious Rock Phish gang is a group of cyber criminals that is responsible for extremely large volumes of phishing scams. It is estimated that the gang's activities account for over 50% of all phishing attacks worldwide, and the group is believed to have skimmed tens of millions of dollars from the bank accounts of unsuspecting victims. A large number of financial institutions have been targeted by the Rock Phish gang, including some of the world's leading banks.</p>
<p><b>Media Contact</b></p>
<p>Geoff Noble</p>
<p>Banking and Finance Specialist</p>
<p>RSA, The Security Division of EMC</p>
<p>gnoble@rsa.com</p>
<p>+61 2 9463 8400</p>

Most Popular

Market Place

Computerworld
ARN
Techworld
CMO