“‘These things are incredibly sophisticated, and when they take
over a computer, most [users] don’t know it,’ he said. ‘With every
single phishing site [Washington Mutual has] shutdown, not one
person was aware been aware that their machine was compromised and
used for phishing. That includes university servers and company
servers and personal PCs and all sorts of things.’“More interesting is that most of the compromised machines were
not Windows machines. ‘The vast majority of [the phishing sites] we
saw were on rootkit-ed Linux boxes, which was rather startling. We
expected a predominance of Microsoft boxes and that wasn’t the
case.’