PC World reports that eBay phishing attacks are getting more sophisticated. Attack networks and servers, including those that control spam botnets and host phishing sites, are being run from rootkitted Linux machines whose owners haven’t a clue they’ve been infected. eBay recently reported that data on over 1,000 of its members had been stolen through a phishing attack. The online world appears to be getting more dangerous.
It’s intriguing that cybercriminals are turning to Linux attacks; the penguin has long been regarded as the most secure of the three major operating systems, yet cracked (not hacked) servers and desktop machines running various brands of the open-source software serve as command networks for botnets and data collection servers for phishing sites. Linux machines apparently fetch a premium over PCs in the underground market, but their primary purpose seems to be staying in the control and hosting fields. When it comes to the actual bots in a botnet, Windows is preferred.