Earlier this week, "RSA":http://www.rsa.com/ issued a warning that Rock Phish has updated their "attack methods":http://www.darkreading.com/document.asp?doc_id=151558&WT.svl=wire_2. Dark Reading "writes":http://www.darkreading.com/document.asp?doc_id=151558&WT.svl=wire_2:
"Rock Phish attacks are estimated to account for more than 50% of phishing attacks world-wide and to be responsible for the theft of tens of millions of dollars from users' bank accounts."
The new Rock Phish attack combines phishing with a potent Trojan. When users navigate to the phishing site, Zeus, the Trojan, installs automatically onto their computers, compromising personal information revealed through future internet use, and allowing the computer to be externally controlled, according to "ITNewsAustralia":http://www.itnews.com.au/News/NewsStory.aspx?story=74663. Uriel Maimon, an RSA representative, opined: "The Zeus Trojan has many startling capabilities... As I look on this blissful union of fraud and crime technologies, I can only envy the criminals who can find such coupling." This type of potent cooperation is becoming increasingly common within badware production.
Despite its longevity (they have been suspected of operating since 2004) and level of activity, Rock Phish has managed to remain hidden, inspiring disagreements as to whether it is a group or an individual, and even as to how the term "should be applied":http://en.wikipedia.org/wiki/Rock_Phish. Rock Phish has been known for innovative phishing capabilities, including unique URL generation to circumvent blacklist restrictions.
This new level of interaction will no doubt be as problematic as it is interesting.