Rock Phish

From Wikipedia, the free encyclopedia

Rock Phish is also referred to as Rock Phish Kit. Authorities differ over its precise definition and about what sort of entity it is.[1] The common information is that it is either a hacker or group of hackers, or a phishing tool kit, or that the same name is used for each.

[edit] Rock Fish Kit

The Rock Fish Kit is a popular tool designed to help nontechnical people create and carry out phishing attacks.[2][3][4] Like virus-making kits a few years ago, these kits are helping increase the number of phishing attacks, by making phishing methods more mainstream. The kit allows a single website with multiple DNS names to host a variety of phishing webpages, covering several banks and companies.

These kits are easily identified by the pattern in their URL:

URL: http://{domain name}/r1/{letter}

Where the letter is some combination that attempts to fool the user. Usually the first letter of the bank or company is in the letter of the URL.

[edit] Rock Fish

Rock Fish is defined in the article by Robert McMillan[1] as a hacker or group of hackers stated to be behind "one-half of the phishing attacks being carried out these days". Because of the elusive nature of Rock Fish, the article reports Symantec as comparing it with the movie character Keyser Söze

[edit] References

  1. ^ a b Robert McMillan (2006-12-12). 'Rock Phish' blamed for surge in phishing 2. InfoWorld. Retrieved on 2006-12-13. “The first thing you need to know about Rock Phish is that nobody knows exactly who, or what, they are.”
  2. ^ Malware Review. Internet Industry Association (03 2006). Retrieved on 2006-12-13. “The so-called 'rock-phish' kit saves Phishers space and time: One single 'physical' site with multiple DNS names now holds a multitude of Phishing pages, covering a broad range of different banks.”
  3. ^ Websense alert. Websense Security Labs (2006-02-23). Retrieved on 2006-12-13. “Websense® Security Labs is seeing a significant increase in the number of Phishing kits used to host multiple target brands on a single host and deploy similar attack code on several machines. Currently the most popular is being referred to as the 'Rock Phish Kit'. The kit appears to have surfaced around November of 2005, but the frequency of its use is growing.”
  4. ^ Munir Kotadia (2006-02-28). http://news.zdnet.co.uk/internet/security/0,39020375,39254714,00.htm. ZDNet Australia. Retrieved on 2006-12-13. “According to Internet security company Websense, one of the most popular phishing kits is called Rock Phish Kit, which the company said was first seen last November.”