Robert McMillan disputes the definition above, saying that "security experts" call such a description inaccurate. He says Rock Phish is defined as a hacker or group of hackers stated to be behind "one-half of the phishing attacks being carried out these days." Because of the elusive nature of Rock Phish, the article reports Symantec as comparing it with the movie character Keyser Söze. VeriSign reports them as a group of Romanian origin. In the April 2007 edition of PC World, in an article entitled "Online Criminals are Thriving even in the face of New Automated Defenses" calls Rock Phish "a single phishing gang". This report that calls them the Rock Phish gang comes from a research firm known as Gartner, supported by RSA.
Jeff Singleton of HackDefendr Security rebuts Robert McMillan's claim as invalid for the information presented on this page. The correct information of the hacking group called the Rock Phish Gang in comparison with the type of attack via the kit which are also called Rock Phish are in fact different. The authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit available online, with some estimates suggesting that the kit is used for half of all phishing attempts.
Independent of what definition is used, rock phishing is often used to refer to phishing attacks with some particular features. To minimize the effects of takedown, rock phishers work by registering a large number of domains, which are used to host scripting files that send and receive information from the perpetrator’s main host. These types of attacks are hosted in such a way that they can be displayed on any compromised machine controlled by the perpetrators. Furthermore, advanced scripting set up by attackers allows the domains to move from ISP to ISP without any human intervention. Given that these types of online criminals have a deep knowledge of and experience in online exploitation, finding the source of and controlling damages done as a result of a rock phishing attack becomes extremely challenging.
An account of rock phishing tactics was presented at APWG eCrime '07.
Read more about this topic: Rock Phish
Famous quotes containing the word rock:
“Compare the history of the novel to that of rock ‘n’ roll. Both started out a minority taste, became a mass taste, and then splintered into several subgenres. Both have been the typical cultural expressions of classes and epochs. Both started out aggressively fighting for their share of attention, novels attacking the drama, the tract, and the poem, rock attacking jazz and pop and rolling over classical music.”
—W. T. Lhamon, U.S. educator, critic. “Material Differences,” Deliberate Speed: The Origins of a Cultural Style in the American 1950s, Smithsonian (1990)