Wysłany: Pią 3:37, 30 Mar 2007 |
|
|
|
Thomas speculates that an employee or other insider may have simply walked out of iBill with the transaction records to sell on the data black market.
What happened with the records from there is anyone's guess. The 1 million addresses found by Sunbelt Software were being used for spamming. Sunbelt found the database by tracing malware-infected computers as they connected to the internet to refresh their list of spam targets. The target list turned out to be the iBill database, hosted on a rogue website.
Secure Science's James says the 17 million database entries he found is prime data for spamming, phishing attacks, pretext phone calls and even possible hacking of vulnerable computers at the IP addresses listed.
Independently, Wired News found that entries from the smaller cache are listed as mortgage leads on a spammer community site, specialham.com. (The website's homepage offered no contact information and Wired News was unable to reach the registered owner of the domain, one "Juice Wobble.") This suggests that the database was marketed as a lead list for outside businesses. "I can attest to the fact that this goes on with phishing groups," says James. "They break in and steal leads and then sell those leads to (black market) leads companies, who resell them to legitimate companies, and sometimes the same companies they stole them from."
[link widoczny dla zalogowanych],
[link widoczny dla zalogowanych] bay!!! [link widoczny dla zalogowanych] |
|
|
|
|
|