Netcraft: Phishing for Fun & Profit

“Give a man a phish and he feeds you for a day, teach a man to phish and he feeds you for a lifetime.”

Want to make some quick money without spending months writing code? Easy! Use a phishing kit!

You have “found” some phishing kits - targeting banks and payment systems used by people all around the world - and are ready to go phishing. The kits look sophisticated: accurate IP address control lists, to serve benign content to security and hosting companies; compelling mail lures; an SMS gateway account to send texts; and a scanner to find and hack into all those juicy WordPress sites…

You’ve got to be careful though - you know that the criminal masterminds who have written these kits will have used every conceivable trick to send themselves a copy of the stolen credentials when their code runs (these kit authors like to reap all the rewards without doing the legwork of setting up the phish!). Before you start your phishing attack, you have to find each and every one of those covert channels, replacing them with locations under your control. If you miss just one, then you’ll be giving away all of your credentials for free!

In 2012, UK banks lost an estimated £40 million to phishing attacks (The UK Cards Association). Scaling up (the UK is around 4% of the Internet) projects global losses of around £1 billion per annum.

Netcraft is running a workshop where you can learn how to reverse-engineer the obfuscated code behind real world phishing attacks, using both static and dynamic analysis. You will discover how this process can be used to identify attacks, disrupt fraudsters, and stem the flow of easy money gushing towards the Internet criminals.

Your challenge, after a short tutorial outlining and illustrating the concepts, is to compete against your peers to analyse a selection of real world phishing kits. Your objective is to locate all of the destinations to which the stolen credentials are sent. Netcraft staff will be available to help.

To take part, bring your own laptop with a web browser and an SSH client (e.g. Putty http://www.chiark.greenend.org.uk/~sgtatham/putty/ for Windows users; OpenSSH for Linux/Mac users).

Swotting up on obfuscated PHP may improve your chances.

Pizza and drinks will be provided at the event.

Netcraft’s previous workshops have been very popular. Please book early to avoid disappointment if we hit a room size limit.