Phishing Attack on Gnome

April 5, 2009, 4:23 am

Today, the Data Center has shut down the Gnome server (72.232.186.26) for several hours after discovering two accounts from our clients hosting a phishing website for Bank of America and Wells Fargo.

We coordinated with the DC engineers to get the server back online so we could investigate and remove the phishing sites.

It turns out that the two accounts by clients have folders that were open and allowed culprits to upload a zipped file of the fake website and extract them. We have deleted the files and secured the folders. We’re still looking into other client accounts that may have similar cases.

We request all clients to regularly and actively check their accounts for open folders (CHMOD them to 644) and update any add-on scripts or web apps they have installed so to avoid similar incidents in the future.

Posted by admin under: Gnome, Security

  • Phishing Site on Gnome
    • The Gnome server was temporarily shut down by the Data Center for a phishing site made by one of the new clients placed on this
  • Phishing Sites on Gnome
    • Several accounts have been reported on this server as having fraud sites (of banks, Paypal, etc) and the server has been put on probation by
  • Security Basics: Social Engineering
    • It has been said the the users are the weakest link in the security chain. This is especially exemplified in Social Engineering. This is a
    plogHost Web Services

    Calendar

    March 2010
    M T W T F S S
    « Apr    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  

    Most Recent Posts