Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Google Maps used to locate phishing victims

IP addresses offer ID hack proof-of-concept.

Article comments

Account holders with at least two Australian banks have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps.

Bank account holders in Germany and the U.S. have also been targeted.

The software installs a Trojan capable of key-logging user activity, hijacking infected computers.

The scam was circulated as a false news report claiming the Australian prime minister had suffered a heart attack. It installs a Trojan and backdoor code to capture all user input as well as compromising a Web server to allow the hacker to hijack the victims' computer.

The hacker is then provided with details on the number of infected machines in each country, while the Google Maps server is used to translate IP information to pinpoint the machines' physical location.

Websense Australia and New Zealand country manager Joel Camissar believes hackers could potentially use Google Maps to assist in identity theft.

"The hackers could correlate user information acquired from the key-logger with knowledge of where a user is located from Google Maps to masquerade as them," Camissar said. "With this they could access bank accounts and social security numbers." Camissar said there are around 750 infected desktops in Australia.

Westpac and the Commonwealth Bank were among those specifically targeted in Australia, while Bank of America and Germany's Deutsche Bank were also attacked. Westpac and the Commonwealth Bank were unavailable to comment at the time of publication.

Sophos senior technology consultant Graham Cluley said users are directed to a 404 error page which downloads the code.

"Recipients of the e-mail are encouraged to click on a link to obtain the latest information on Howard's health; however, this link takes users to a Web page which downloads malicious code to their PC, and then displays the real '404 page not found' error page," Cluley said.

"The scammers have registered several domain names that appear to be associated with a newspaper, and have gone to great effort to make people think that they really are visiting the genuine site by pointing to a real error page." "Everyone should be on their guard against this kind of e-mail con-trick, or risk having their PC infected."

Camissar was unsure whether Websense acquired the information through sample code provided by AusCERT or by accessing the hackers' servers.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *