14 DAY TRIAL // Usually, the man who gets others to do his job for him is either called 'boss' or just 'smart'. Wait till you see the latest sample of hacking ingenuity: Mr. Brain, a Moroccan group was just found to be offering free phishing kits for scammer wannabes for free. The catch is that they have some code included somewhere that will actually send back to the 'mother ship' all the really valuable information.
In other words, they have the new soon-to-be perpetrators go through all the trouble of finding an ISP to host their website, support the maintenance cost and risk of being found, while they just kick back and check their email for updates.
Found by Netcraft, a security company in England, the scheme is brilliant because the package offered by Mr. Brain is just too good to pass on. The website presenting the packages lists the kits and details for every one of them just what it is capable of doing, such as collecting usernames, passwords or social security numbers. Once up and running, the website resulting from using the kit will mimic a well known brand that most people have heard about, in order to trick visitors into giving up personal information. Some templates for spam email are also included, as PC World reported, targeting Bank of America, eBay, PayPal or HSBC among others.
The special email function was hidden by Mr. Brain in "a blend of PHP scripts, one of which is encrypted. Just in case someone decrypts it, Mr. Brain has written at the top of the file 'Don't need to change anything here. Created by Mr. Brain Morocco Team'," Paul Mutton, Internet services developer at Netcraft, said.
It is not clear how many of these kits have been embraced by scammer wannabes and set up, but all in all, evil doing aside, hat-tip to Mr. Brain for coming up with this.