
Why go phishing when you can go "whaling"?
The cybercrime practice of phishing — masquerading online as a trustworthy source to try to steal people's sensitive information — is coming up against some serious competition in the form of "whalers."
Whalers are online thieves who prey on phishers — essentially, they are bigger phish in the cybercrime sea. While phishers do all the work, posing as a legitimate company — say, Microsoft — with a dire warning that they say you absolutely need to follow, whalers simply plunder the online databases where phishers keep their stolen info.
Whalers use a tool called an autowhaler, which "checks known phish URLs for common places where a productive phisher would keep their logins," the security firm GFI Labs reported.
In examining these phisher-on-phisher attacks, GFI Labs came across an especially tricky autowhaler that boomerangs on its user.
When someone interested in stealing a phisher's haul downloads the "666 Auto Whaler," he gets more than he bargained for. This particular autowhaler tool is corrupt: It contains a file called "CryptedFile.exe" that is actually a Trojan designed to steal passwords and account login details.
Once downloaded, this file makes the would-be whaler's system vulnerable to attack.
"Password-stealer creators targeting whalers going after phishers may sound like a humorously confusing mess of bad people hitting each other in the face with bricks … but the gag quickly evaporates once little Jimmy loses five sets of credit card details to the void," GFI Labs wrote.