Hosting services under attack

By Shaun Nichols on Dec 8, 2009 3:32PM
Hosting services under attack

A new phishing attack is targeting webmasters in an attempt to gain access to site credentials.

According to security firm Trusteer, the attack targets cPanel, a popular management tool for web hosts.

The attackers have sent out emails claiming to originate from the hosting firms.

The emails tell the user that due to maintenance activities all FTP credentials must be updated. The message contains a link to a phishing site which asks for log-in information.

Researchers say that the attack is meant as an attempt to harvest FTP logins for webmasters. Once the logins have been collected, the accounts are then accessed and the sites used to host phishing pages targeting users of online banking sites and other financial services.

Trusteer chief technology officer Amit Klein said that the tie-in to bank phishing was of particular interest and could signal a dangerous new trend in the way online fraud operations are run.

"The ability to upload arbitrary content into relatively small and less popular sites may seem un-interesting fraud-wise. However, evidence we have collected over the past few months connects cPanel-driven sites to online banking fraud," said Klein.

"By stealing cPanel login credentials, criminals do not need to use hacking tools to upload content to a website, and therefore can avoid detection until after they have siphoned funds from consumer and business banking accounts."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
attack banking collaboration credentials networking online phishing site

Partner Content

Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
How mandatory climate reporting is raising the bar for corporate leadership
How mandatory climate reporting is raising the bar for corporate leadership
MSPs with a robust data protection strategy will achieve market success
MSPs with a robust data protection strategy will achieve market success
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
Beyond the box: How Crayon Is Redefining Distribution for the Next Era
Beyond the box: How Crayon Is Redefining Distribution for the Next Era

Sponsored Whitepapers

Protect the data your business relies on
Protect the data your business relies on
Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.

Events

Canalys Forum APAC 2025
Canalys Forum APAC 2025

Most read articles

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!
Announcing the 2025 Benchmark Security Awards Partner finalists

Announcing the 2025 Benchmark Security Awards Partner finalists
The State of Channel Security

The State of Channel Security
Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told

Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told

Log in

Email:
Password:
  |  Forgot your password?