HackrNews

Security experts at RSA have come across a new tool that automatically creates sophisticated phishing sites, a sign that cybercrooks are getting increasingly professional.

The tool, which RSA calls the “Universal Man-in-the-Middle Phishing Kit,” is available on underground online marketplaces for about $1,000, Jens Hinrichsen, RSA’s product marketing manager for fraud auction, said in an interview Wednesday.

“Unlike other phishing kits which have been in existence for quite some time, this kit is unique because with a very simple user interface you can choose whatever site you’d like to spoof,” Hinrichsen said. “The arms race continues; we on the security side have to continue to escalate resources and invest in technology.”

Phishing scams are a prevalent online threat that typically use fraudulent Web pages and spammed e-mail messages to trick people into giving up personal information such as user credentials or credit card data.

Using the new kit, a fraudster only has to enter variables such as which site should be spoofed and where the fraudulent page will be hosted. The tool then produces a dynamic Web page in the PHP (hypertext preprocessor) scripting language. The fraudster hosts this page somewhere on the Web, typically on a compromised Web server or a free Web host, and lures people to it with spammed e-mail messages or other links.

Unlike traditional phishing Web sites that have static Web pages designed to look like a real online bank or other trusted site, the dynamic page created by the phishing kit actually pulls in the current Web site of the target organization and displays it. However, any data entered is captured by the miscreants, Hinrichsen said.

“Once you enter your credentials, it would be intercepted by that server where the PHP file is hosted,” he said. At the same time, the victim is actually logged in to the legitimate site and may never know he’s been phished.

Shrewd phishers monitor the log-in process to validate that the data they capture is legitimate, Hinrichsen said. An incorrect username and password combination would be discarded. Also, the man-in-the-middle-style attack lets the miscreants continue to eavesdrop on the victim’s interactions with the legitimate Web site, according to RSA.

The most popular phishing targets are banks and online payment services such as PayPal. Auctioneer eBay is also a common target. Fraudsters run phishing scams to collect personal information that can be used for identity fraud.

Phishing protection is becoming common. The latest versions of Firefox and Internet Explorer include phishing shields. Also, security firms such as Symantec and McAfee sell antiphishing software.

Protection technologies typically rely on a list of known bad Web sites and display a warning when a user surfs to one of those. This means, however, that a brand-new fraudulent site won’t be detected. In general, people should be cautious when following links to any site that requires a log in. It is better to type in the address or use a bookmark.

K-Meleon is a fast, stable, and unknown web browser. It has the normal features of browsers such as tabs, and automatic history, cookie, and cache cleaners. Its password manager is very nice, and simple. Another awesome feature of K-Meleon is that it allows you to sort sites into “groups”, which allows you to open a bunch of websites in tabs by typing “group name” in the url bar, and then pressing Shift+Enter. Or to open them along side with your already open tabs press ALT+Enter.
K-Meleon also has standard features such as source viewer and print preview.

What I think kills K-Meleon, is its lack of addons. While FireFox has many many many addons, K-Meleon has a couple hundred. But the best of addons has to be the privacy toolbar, it lets you clear passwords, cookies, and your cache with the click of a button. And lets you disguise your browser as another one like IE6, Opera, Netscape, or your own custom ones
To download K-Meleon, or to do more research about it, goto K-Meleon’s Homepage

Here is a full description of the features of K-Meleon:
Choose Your Desired Bookmarking System

K-Meleon is the only browser that allows you to use your existing Internet Explorer Favorites or Opera Hotlist in place of or along with Netscape/Mozilla’s Bookmarks system.

-”Tabbed” Browsing

Through the layers plugin, K-Meleon offers a convenient way to manage the many sites you may visit during a browsing session. Commonly known as “tabbed” browsing, this feature allows you to keep multiple web pages open simultaneously, navigating easily between them by clicking on each page’s “tab” located beside the others on a separate toolbar within the browser. This can be quite helpful when doing extensive web search as it eliminates the need to go back or forward repeatedly to find a previously viewed page. If you wish to have other applications running, this feature will provide a less cluttered Windows task bar.

Mouse Gestures

Introduced and popularized by Opera, mouse gestures are now a common staple among alternative browsers. Through the mouse gestures plugin, K-Meleon offers a quick, easy way to navigate the web by right-clicking on a page while sliding your mouse left or right to go back or forward. Like all of K-Meleon’s other features, the mouse gestures plugin is very customizable and allows initiation of almost all commands and macros.

Complete Toolbar, Menu, Context Menu, & Keyboard Shortcut Customization

One of the defining characteristics of K-Meleon is its extensive user customization feature. You can easily revamp your main menu and context menus by deleting or adding the items of your choice, access any function from your toolbar or assign any keyboard shortcut to any function. There is no need to extract and compile jar files or download various different extensions which may add other unwanted items to a desired feature.

Block Popup Windows

A hazard of browsing the web is the annoying popup window advertisement. K-Meleon comes equipped with a Popup Blocking feature that blocks these popups and also allows you to quickly enable popups at a particular site.

Fast Load Time

The time it takes for K-Meleon to open from when you click its application icon is the fastest of any Gecko based browser. There is even a symbiotic loader to further reduce start time for older, slower PCs.

Easy Web Searching

Click on the Search button in your toolbar to enter items to search for with Google. By default the keyboard shortcut to view the search prompt is Ctrl+G. This, of course, can easily be changed along with the search engine. K-Meleon also supports searching directly from the URL bar with support for Mozilla keywords and Microsoft Quick Search.

Themes & Skins

K-Meleon is one of the simplest browsers to skin and all of its images can be changed to your liking. Visit the TutorialSkinning Guide for instructions. Various user contributed Themes and Skins are available for download.

Macros

K-Meleon’s unique macros plugin greatly expands its features and capabilities. Take a look at just some of the many examples in the MacroLibrary. Once you gain a better understanding of the MacroLanguage you can customize the macros to your liking or submit new macros of your own.

The Mozilla Foundation released updates for its Firefox browser on Friday to plug a number of security holes, including several crash bugs that have the potential to be exploited and an issue with how the browser handles hostnames.

The open-source group updated both Firefox 2 and 1.5 to versions 2.0.0.2 and 1.5.0.10, respectively. The update includes a single critical-rated patch that fixes three memory corruption issues that cause Firefox to crash but that could also likely be exploited. Another issue with how the application handles the setting of hostnames could aid phishing attacks.

Users should be updated automatically or can select “Check for updates…” from the Help menu.

“If you already have Firefox 1.5.0.x or Firefox 2.0.0.x, you will receive an automated update notification within 24 to 48 hours,” stated a message from the Mozilla Foundation posted on its developers’ blog.

The Mozilla Foundation released the Firefox 2 browser last October, adding improved tabbed browsing and better search options. However, Mozilla and Microsoft–whose Internet Explorer 7 browser shipped a week earlier–competed on their anti-phishing features. The hostnames issue was discovered by Michal Zalewski, a polish researcher that previously discovered a flaw in how both Mozilla and Microsoft’s browsers handled keystrokes.

The update to Firefox 2 fixes some compatibility issues with Windows Vista. Firefox 1.5 does not support Vista and users are advised to upgrade to 2.0.0.2, the group said.