eBay: Phishers getting better organized, using Linux

eBay's CISO says phishers are using Linux to conduct their online attacks.

When it comes to launching online attacks, criminals are getting more organized and branching out from the Windows operating system, eBay's security chief said this week.

eBay recently did an in-depth analysis of its threat situation, and while the company is not releasing the results of this analysis, it did uncover a huge number of hacked, botnet computers, said Dave Cullinane, eBay's chief information and security officer, speaking at a Microsoft-sponsored security symposium at Santa Clara University.

Cullinane, who one year ago downplayed the role of organized crime in phishing ("It's not the Sopranos," he said), believes that online attackers are indeed becoming more sophisticated, with malware developers now being funded to develop new and improved attacks.

In the past year, Cullinane has seen better organization by eBay fraudsters. Criminals are being paid to develop better types of attacks, and the attacks are getting harder to detect, he added. "The phishing e-mails I see are extremely sophisticated," he said.

Apparently, this growing professionalisation has even cut down on mangled grammar. "The language they're using is very good." Cullinane said.

Last week eBay said data on 1,200 eBay members had probably been stolen via an phishing scam. The members' data was posted to the company's Trust & Safety discussion forum.

Cullinane's experience with phishing goes back to his previous employer, Washington Mutual, which has been one of the top phishing targets in the U.S.

While there, he noticed an unusual trend when taking down phishing sites.

"The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes," he said.

Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected.

Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured system, he could seize control of the machine.

Because Linux is highly reliable and a great platform for running server software, Linux machines are desired by phishers, who set up fake Web sites, hoping to lure victims into disclosing their passwords.

"We see a lot of Linux machines used in phishing," said Alfred Huger, vice president for Symantec Security Response. "We see them as part of the command and control networks for botnets, but we rarely see them be the actual bots. Botnets are almost uniformly Windows-based."

Since Linux machines can be used to more easily create specially crafted networking packets, they can be used in highly sophisticated online attacks, said Iftach Amit, director of security research with Finjan Inc.'s malicious code research center.

Capabilities like this make Linux machines highly coveted by online attackers, and they fetch a premium in the underground marketplace for compromised machines, Amit said.

Join the PC World newsletter!

Error: Please check your email address.

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?