An ongoing phishing attack against UK taxpayers is being given additional credibility by using a gov.uk domain. Sefton Council is hosting the phishing content on its Novel GroupWise 7.0 site at web11.sefton.gov.uk.
The phish follows one of the typical ploys commonly seen in HMRC and IRS phishing attacks: The victim is led to believe that they can receive a tax refund by submitting their full credit card details, but these details are instead sent directly to the fraudster behind the attack.
The fraudulent form submits the victim's details to a PHP script hosted at www.zamoh.biz.
The UK's Central Office of Information is responsible for deciding who can register gov.uk domains. Eligibility is strictly limited, which helps to preserve the integrity of the gov.uk namespace; however, this obviously has an undesirable effect when this integrity is leveraged by fraudulent content on compromised servers. Netcraft has informed Sefton Council about this phishing attack.
Netcraft provides an Automated Vulnerability Scanning service which regularly tests your internet infrastructure, supplies the information you need to maintain your security and eliminate vulnerabilities, and audits that it has found no serious vulnerabilities using a dynamically generated seal.
In the August 2009 survey we received responses from
225,950,957 hostnames — 13.7M less than in
Much of the drop this month is due to the expiry of a large number of sites at The Planet, including 5 million sites in the .pl top-level domain all on one IP address, which were believed to be part of a linkfarm.
Lighttpd had a significant gain this month, rising to over two million sites, just under 1% of the survey. Lighttpd is a webserver designed for high performance environments. It has a small memory footprint, a large feature set and is licensed under a revised BSD license. Originally written by Jan Kneschke, Lighttpd is now maintained by a small team of developers, and now hosts a large number of popular and high traffic sites, including mininova.org and the controversial Pirate Bay.
Total Sites Across All Domains August 1995 - August 2009
|Developer||July 2009||Percent||August 2009||Percent||Change|
Apache.org has been offline for 3 hours this morning, after one of their servers was compromised. Their sites were displaying the message:
The message goes on to say that the compromise is "not due to any software
exploits in Apache itself", but was instead due to a compromised SSH key.
Update: Most of apache.org's sites have been back online this afternoon after they switched over to servers not compromised in the attack. Apache have released more information about the incident: an account used for backups was compromised on a back-end server. This server distributes content to Apache's public web servers, so the attackers used it to distribute scripts to the web servers; once the scripts were public, the attackers could execute them remotely, gaining access to the web servers as well. But these rogue processes were detected, so the servers were taken offline for investigation and clean-up.
New York Internet,
Virtual Internet and
Hosting 4 Less had the most
reliable hosting company sites in July 2009, with each site only failing to
respond to a single request from our performance monitors.
This is Web.com's first appearance as
joint number one. Web.com is the only company in this month's top ten
whose site is served by Microsoft IIS/5.0. Web.com offers a variety of Linux, Windows
and eCommerce hosting packages, as well as managed email and domain name
registration, and web design services.
This month is New York Internet's fifth
at the top of the table this year. They also made the number one spot in
New York Internet offer colocation, dedicated servers, disaster
recovery, web hosting, E-mail, DSL access and managed services.
This is the second month this year in which
Virtual Internet has been joint first, and it has
stayed in the top ten since April.
Virtual Internet offer managed and cloud hosting as well as managed
messaging and collaboration services.
Hosting 4 Less are one of the
most reliable hosting companies for the third time this year, after coming
joint first in
Hosting 4 Less are based in California, and offer web, FTP and eCommerce
hosting. They also run backup4less,
an online backup service.
This month's top ten sees three company sites using Windows (including
Windows Server 2008, 2003 and 2000), as well as three running FreeBSD and
two running Linux.
In the July 2009 survey we received responses from
239,611,111 sites, an increase of around 1.5 million sites from last month. There was a substantial increase in sites on Google's Blogger service, which had 2.2 million more sites in use this month.
Although Microsoft loses active sites overall this month, Microsoft-IIS/7.0 — shipped with Windows Server 2008 and Vista — continues to grow, passing 3 million sites (with 2 million active sites) this month. 2.4 million of these IIS/7.0 sites are in the United States.
nginx had another strong month, gaining over 300,000 active sites at China Unicom and another 100,000 active sites due to continued growth at WordPress.com.
Total Sites Across All Domains August 1995 - July 2009
|Developer||June 2009||Percent||July 2009||Percent||Change|
DataPipe had the most reliable hosting company site in June 2009. The company's site responded without fail to every request made by Netcraft's performance collectors throughout the month.
This is DataPipe's second appearance at the top so far this year. Jersey City based DataPipe has established partnerships with Cisco, FreeBSD, HP, Microsoft, Oracle, Red Hat, Sun, and VMware, and its
commitments to customer service were recognised in this year's
Stevie Awards, where the company was listed as a finalist in the Customer
Service Department of the Year - IT & Telecommunications category. The company
has more than 1,500 customers in six data centres and eight business office
locations in the United States, the United Kingdom and China.
Among June's top ten hosting company sites, four companies (including DataPipe) run their sites on FreeBSD. Three other companies run their sites on Linux, while the remaining identifiable operating systems is Windows Server 2003.