Replacing Phishers with a Small Shell Script: Jakarta Bombing Malware

Published: 2009-07-17
Last Updated: 2009-07-17 18:51:49 UTC
by John Bambenek (Version: 1)
1 comment(s)

Almost on cue, with the news of the bombing in Jakarta, the bottom-feeders of the black-hatters have started to put up Jakarta-related phishing schemes. The first wave seems to be more of the fake anti-virus variety and Threat Expert has a write up on that malware. Nothing seems particularly interesting on it.

It would be a novel invention (but probably unworkable) if domain registrars could simply halt registrations for "crisis-related" domains to slow this kind of thing down (and the same for web advertisement services like Google).  A list of hostile domains is on its way to various security researcher lists, but keep an eye for Jakarta-related phishing attacks.

John Bambenek
bambenek /at/ gmail dot com

1 comment(s)


yeah, and it would also help if domain registrars would stop registering pill spam domains, but we don't see that happening either...

Diary Archives