Phishers using Google Maps mashup to locate victims

Account holders with at least two Australian banks have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps, Computerworld reports.

At least one version of the scam was circulated as a false news report claiming the Australian prime minister had suffered a heart attack. It installs a Trojan and backdoor code to capture all user input as well as compromising a Web server to allow the hacker to hijack the victims’ computer.

The hacker is then provided with details on the number of infected machines in each country, while the Google Maps server is used to translate IP information to pinpoint the machines’ physical location.

“The hackers could correlate user information acquired from the key-logger with knowledge of where a user is located from Google Maps to masquerade as them,” a security expert said. “With this they could access bank accounts and social security numbers.”

The expert said there are around 750 infected desktops in Australia. Bank account holders in Germany and the U.S. have also been targeted.