Gordon Ahn - 2014-10-27

PhishBlock v0.9

1. Introduction

PhishBlock is a security program that detects and blocks
phishing, pharming, and hackers' C&C (Command and Control) servers
that are listed in databases of URLs, DNS hostnames, and IP addresses.

This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses.

Recently, most malware is delivered covertly to users' personal computers
through Google ads, SNS, blogs, BBS and so on, which users visit often.
After the malware connects to the C&C server (or botnet),
it attacks and steals information, repeatedly and persistently.

Currently, there is a lack of affordable software that protects
individuals' personal computers by detecting and blocking these malware features.

The products that do exist are unaffordable,
as they range in price from $10,000 to $500,000 USD,
and they do not specifically protect Windows users on personal computers.

Generally, virus vaccine programs only detect and
block files already existing inside a user's personal computer.

But PhishBlock detects and blocks harmful files
at the network entrance of personal computers.

This is done by using a network filter driver.

So what does this mean? It means that PhishBlock eliminates all viruses
from ever entering your computer.

In addition, it takes up very little memory
and because of the network filter driver,
there is no effect on your network performance or CPU usage.

And to top it off, it’s free.

2. Future works

The current version of PhishBlock detects and blocks malware URLs,
Hostnames and IP addresses based on databases.
It uses very little memory and does not affect network performance or CPU usage.
It can be installed and uninstalled safely and quickly.
In the future, PhishBlock is going to have many more features,
including a new, specialized algorithm for extra protection against pharming malware.
We will also offer an ad-blocking feature to keep annoying pop-up ads
from appearing on your computer.

We also plan on joining forces with VirusTotal.com,
which is one of the best virus management sites around.

Our users will be able to utilize all of the malware systems
on VirusTotal.com without having to directly sign up with them.
All of these features will be available in the new version of PhishBlock which will be available soon.

The final target of PhishBlock is to offer an affordable, more proactive prevention program to replace traditional vaccine programs.

Main Features
-. Detect/Block Phishing/Malware based on URL.
-. Detect/Block C&C Server (Botnet) based on DNS hostnames & IP Addresses.
-. Detect/Block Fraud/Scam/DDoS/Fake Contents based on URL & DNS hostnames.
-. Uses little memory and barely affects network performance or CPU usage.
-. Scans the Internet browser cache for malware using YARA rules (6,000 rules).
-. Database Contents (Source: PhishTank.com, Spam404.com, ClamAV.net etc.):
Phishing / C&C Servers / Fake Content / Get Rich Quick Scam / Malware / Fraud / Spam / Rogue Pharmacy / DDoS Service

-. Available OS (32-bit, 64-bit):
   -. Windows: XP, 2003, Vista, Win7, Win8 and more.
   -. Linux: Under development.
   -. MacOS: Under development.
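
The URL, hostname, and IP address checks in the feature list above, sketched as an added example (this is not PhishBlock's own code). The database entries are constructed, and parent-domain matching and CIDR ranges are assumptions about how such a lookup could work.

```python
# Added illustration; not PhishBlock code. All database entries are constructed.
import ipaddress
from urllib.parse import urlsplit

BAD_URLS = {"http://login.example.net/verify.php"}   # exact malicious URLs
BAD_HOSTS = {"c2.example.org"}                       # bad DNS hostnames
BAD_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # bad IP ranges (assumed CIDR)


def normalize(url):
    """Return (canonical_url, host): lowercased, no trailing dot, default port or fragment."""
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").rstrip(".")
    default = {"http": 80, "https": 443}.get(scheme)
    port = "" if parts.port in (None, default) else f":{parts.port}"
    netloc = f"[{host}]" if ":" in host else host  # re-bracket IPv6 literals
    query = f"?{parts.query}" if parts.query else ""
    return f"{scheme}://{netloc}{port}{parts.path or '/'}{query}", host


def check(url):
    """Return (verdict, reason); the URL is tried first, then hostname or IP."""
    canonical, host = normalize(url)
    if canonical in BAD_URLS:
        return "block", "url"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # not an IP literal, so treat it as a DNS name
    if addr is not None:
        if any(addr in net for net in BAD_NETS):
            return "block", "ip"
        return "allow", None
    labels = host.split(".")
    # Match the host itself and each parent domain, stopping before the TLD.
    for i in range(max(len(labels) - 1, 1)):
        if ".".join(labels[i:]) in BAD_HOSTS:
            return "block", "hostname"
    return "allow", None
```

Without normalization, a different letter case, an explicit default port, or a trailing dot on the hostname would let a listed URL or host slip past an exact-match lookup.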

3. Terminology

Phishing is the attempt to acquire sensitive information
such as usernames, passwords, and credit card details (and sometimes, indirectly, money)
by masquerading as a trustworthy entity in an electronic communication.

Pharming is a cyber attack intended to redirect a website's traffic to another, fake site.
Pharming can be conducted either by changing the hosts file on a victim's computer
or by exploitation of a vulnerability in DNS server software.

C&C Server (Botnet) is a collection of Internet-connected programs
communicating with other similar programs in order to perform tasks