Blog Hacked, Phishing Attack Ensues

Friday, April 19, 2013 @ 03:04 PM gHale


Cyber criminals hacked into the official UGG blog and they’re using it to host a malicious file that’s part of an HSBC phishing scam, researchers said.

The goal of the phishing scam is to harvest the personal and financial details of users.

RELATED STORIES
Phishing Hole: Execs Names Pilfered
Malware Attacks Hit Constantly
Spear Phishing: Energy Sector Targeted
Malware Hits Apache Servers

The attack starts with an email that comes with an HTML file attached to it. When executed, the HTML file opens a webpage that replicates the official HSBC website, Netcraft researchers said.

Here, victims end up asked to submit information. The submitted data ends up harvested by a PHP script stored in the UGG blog’s stylesheet directory.

In the final phase, victims then end up redirected to the legitimate HSBC website to make everything more legitimate-looking.

The UGG blog (blog.uggaustralia.com), hosted by Media Temple, is a WordPress site, which means there might be a connection between this scheme and the recent brute-force attacks utilized to hijack WordPress websites.



Leave a Reply

You must be logged in to post a comment.