Hackers in Phishing Spam Allegedly used Google Maps

"Victims in Australia, Germany, and the U.S. are being targeted by a phishing scam that reveals their location using Google Maps.", reports Darren Pauli, of Computer World Australia.
Account holders with at least two Australian banks have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps. Bank account holders in Germany and the U.S. have also been targeted.
The software installs a trojan capable of key-logging user activity, hijacking infected computers.
........It installs a trojan and backdoor code to capture all user input as well as compromising a Web server to allow the hacker to hijack the victims' computer.
The hacker is then provided with details on the number of infected machines in each country, while the Google Maps server is used to translate IP information to pinpoint the machines' physical location.
Websense Australia and New Zealand country manager Joel Camissar believes hackers could potentially use Google Maps to assist in identity theft.
"The hackers could correlate user information acquired from the key-logger with knowledge of where a user is located from Google Maps to masquerade as them," Camissar said. "With this they could access bank accounts and social security numbers."
Westpac and the Commonwealth Bank were among those specifically targeted in Australia, while Bank of America and Germany's Deutsche Bank were also attacked. Westpac and the Commonwealth Bank were unavailable to comment at the time of publication.
Sophos senior technology consultant Graham Cluley said users are directed to a 404 error page which downloads the code.
"Recipients of the e-mail are encouraged to click on a link to obtain the latest information on Howard's health; however, this link takes users to a Web page which downloads malicious code to their PC, and then displays the real '404 page not found' error page," Cluely said.
"The scammers have registered several domain names that appear to be associated with a newspaper, and have gone to great effort to make people think that they really are visiting the genuine site by pointing to a real error page."
"Everyone should be on their guard against this kind of e-mail con-trick, or risk having their PC infected."
:Bullet Points:(ITBusinessEdge), says,
"As previously reported, the hackers had sent fake e-mails purporting to tell readers about Australian Prime Minister John Howard’s recent heart attack — an event that did not occur — and directed them to realistic-looking Web sites masquerading as online newspaper sites."
Last month, Google Maps was in the news after The London Telegraph reported that terrorists used the service to target UK troops.

==================================================

This vulnerability is of great concern for all of us. If not 'nipped in it's bud', millions of infections from more destructive exploits can not be in distant vision. If a single major website can be hacked by smuggling the trojan, millions also could .
More light must be thrown in details by security experts , to clear confusions created by such stray and individual incidents of unscrupulous hacking. We all expect Microsoft, Google and all concerned come with their voices out in the open.
Any one who can come in aid to this threat with any more authentic news is welcome.
BEST OF FUTURE