Friday, January 25, 2008

Phishing Group Caught Stealing From Other Phishers

Slashdot points up an article Netcraft has written about a website offering free phishing kits with one ironic twist -- they all contain backdoors to steal stolen credentials from the fraudsters that deploy them.

In the Netcraft article, the creators of the kits are described as a group of Moroccan fraudsters calling themselves Mr-Brain, whose intentions are to encourage as many people as possible to use their phishing kits. Close inspection of the configuration script reveals deceptive code hiding the true set of electronic mail addresses that are contacted by the kit, ie., every fraudster who uses the kit will unwittingly send a copy of each victim's details back to the Mr-Brain group.

For details, including another Mr-Brain scam earlier this month configured to covertly send harvested credentials from Bank of America, see this issue of Netcraft.