Now this is leverage: scaling a phishing operation


TOPICS: Security

Great research over at Netcraft today. They have found a site called Mr. Brain, set up by some Moroccan hackers, that offers a whole suite of phishing tools. The tools are the usual set: cloned HTML, a management interface for routing stolen bank card info, and so on. But these tools come with a bonus! All of the stolen data is also sent to the guys at Mr. Brain!


  • Government innovation

    Now why can't the FBI, CIA, NSA, etc., think up things like that?

    It would save us taxpayers a fortune on setting up and maintaining all the clandestine surveillance that we all know doesn't actually exist.
    • Because government is lazy, incompetent and...

      ... with a locked-in involuntary "customer" base having no choice in the matter, has no motivation to innovate and excel.

      Mr. Brain, like any other private enterprise, is driven and disciplined by market forces, however perverse and criminal they may be.
      • which is precisely why these

        'market forces' need to be regulated by responsible government - otherwise they will be 'disciplined' to be just as 'perverse and criminal' - and profitable - as Mr Brain seems to be....

      • market force = profit over people

        the force driving the market is PROFIT, not BENEFIT TO PEOPLE.
        Look at the practices of many big international companies, especially in third world countries. Market forces do not drive one to act criminally directly, but they sure don't encourage one to not be a criminal. imho.
        • Profit is not the problem

          After all, each of us operates from a profit motive when we go to work every day. We provide our time and effort to our employers because we expect to profit in the form of a paycheck. And that paycheck would not be there if our employers did not derive a profit from doing business with their customers.

          "Pure" market forces, i.e. an ideal system where a business could prosper only by providing honest value to its customers, would provide an active disincentive to criminal behavior such as fraud. Unfortunately, what actually exists is often a great deal closer to mercantilism than to a market-driven or capitalist (in the true sense of the word) system.

          Big money buys big government and big government uses its monopoly of force to protect the interests of its leash-holders. Look closely enough at the predatory behavior of your "big international companies... in third world countries" and you will very likely find that the hands of the dime-store kleptocracies which run those countries are deep in the pockets of the multinationals who are pillaging the land and the people.
          • profit by itself drives the problem, profit over people is a problem

            profit, if it is the ONLY driving market motive, is the problem.

            whether motivating kleptocracies or international corporations, they maximize profit by not caring about human or environmental impact or long term consequences.

            profit is a fine motive/incentive as long as it is balanced by something more decent like accountability, responsibility, philanthropy, charitability, compassion, etc. take your pick.
            This is all too rare. while profit doesn't exclude better motives, it doesn't encourage them, and maximizing profit almost always directly discourages them. so yeah profit is the problem because it makes a very bad motive by itself, it needs help from a better motive.

            my ideal motive list:
            #1 do as little harm to others or the environment as possible
            #2 make a profit
            #3 give back to the local community

            even better is to have "benefit to people" as a co-motive to profit, almost the opposite of our current system. accountability and responsibility are at least crucial, but we have too little of that as well.

            so i mostly agree with you...slightly different take.
  • RE: Now this is leverage: scaling a phishing operation

    This is like the crook leaving a cell phone at the place he robs with a note call me. Sure makes sense to me. These guys should get 50 years just for being stupid.
  • Phishing for phishermen... I love it !!!!

    Phishing for phishermen... Conning the Con... I love it !!!!

    No such thing as a free meal. Every time you hear a bell ring, a stupid criminal is born. We need more groups like Mr Brain...
    • "No such thing as a free meal." jail you get free meals...

      so these guys are on the right track for a lifetime of free meals ;-)

      i do agree though, Mr. Brain represents the classic anti-hero being popularized in modern media these days. the Dexter of phishing cons...
  • i always assumed this was the case with these tool sets

    nice to see an article about it.

    give a man a stolen identity and he can eat for a day.
    teach him to phish and he can eat for a lifetime. ;-) haha

  • Meh, as long as this isn't the new kernel level javascript exploit

    Meh, as long as this isn't the new kernel level javascript exploit taking hold of many servers ( this isn't really as worrisome. What we really need to focus on is how exactly that javascript exploit is performing root privileged activities without performing a bruteforce attack and seemingly without exploiting a vulnerable web script. That exploit seems to be quite dangerous!

    - John Musbach
  • I dunno, if I was a director...

    at one of the aforementioned stupid evil lazy yadda-yadda agencies, I think I might set up a covert op and call it could rope a lot of dopes....