Phishing

Apple's Phishing page hosted by Electronic Arts (EA)

Frauds that use its name are not unusual, but phishing pages hosted on another big company's website are definitely worth looking at. Experts have discovered a phishing page hosted on a broken server belonging to Electronic Arts (EA), a world-class video game company.

Phishing

Experts from Netcraft report that the attackers violated a server hosting two domains of ea.com.

This server hosts an old version (1.2.0) of the WebCalendar calendar. This version comes from 2008 and was packed with vulnerabilities that could be exploited by hackers. For example, attackers could exploit the vulnerability CVE-2012-5385, by which they modified the settings and potentially executed some malicious code.

The fake page is designed to look like its login page Apple Lossless Audio CODEC (ALAC), and in which the victims should enter their Apple ID and their password. He then asked for the name and number of the payment card, the expiration date, the CVV number, the date of birth and other personal information.

When information was given to cyber criminals, the victims were transferred to the actual Apple website, so they would not be suspicious.

The problem with phishing pages hosted on trusted servers is that they are very difficult to detect.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.097 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).