tag = "PhishLabs"

Cleaning up from the Avalanche

The Avalanche botnet, also known as “MS-Redirect”, has been responsible for hosting phishing pages and malware distribution attacks on over 35 organizations, including the IRS, Facebook, MySpace, most recently NACHA, and many more. Unfortunately, there’s a great deal of confusion over how this botnet works and how it’s related to other malware. Let’s clear it […]

Open Formmailers Won’t Die

Some security problems just never seem to go away. I’m not sure if its because there’s a steady stream of new web developers that have to learn things the hard way, if people forget, or they think that their open programs won’t be found by the bad guys. Unfortunately for those of us that fight […]

Evil Searching and Phishing

Nearly a year ago I asserted in a Dark Reading interview that phishers were using Google and other search engines to find vulnerable web sites which they used to launch their scams. By a simple analysis of the web hosts and URLs used in phishing, I estimated that the vast majority of phishing web sites […]