Bank of India Website Attacked. Unsafe currently.
The Bank Of India website (www.bankofindia.com) came under serious attack last night. The site was hijacked and was being used to distribute Malware (Harmful software).
It would be advised not to go visit the site yet. Bank of India is yet to issue any official advisory regarding the exploit.
HTML Source of the Bank of India site: Note the goodtraff.biz in it.
Russian Business Network are the main suspects behind this act.
Updates on all exploits and malware are available HERE.
Quoting from Sunbelt:
"Update: The page is using exploits to install malware.
What we have seen so far:
Email-Worm.Win32.Agent.l
Rootkit.Win32.Agent.dw
Rootkit.Win32.Agent.ey
Trojan-Downloader.Win32.Agent.cnh
Trojan-Downloader.Win32.Small.ddy
Trojan-Proxy.Win32.Agent.nu
Trojan-Proxy.Win32.Wopla.ag
Trojan.Win32.Agent.awz
Trojan-Proxy.Win32.Xorpix.Fam
Trojan-Downloader.Win32.Agent.ceo
Trojan-Downloader.Win32.Tibs.mt
Trojan-Downloader.Win32.Agent.boy
Trojan-Proxy.Win32.Wopla.ah
Trojan-Proxy.Win32.Wopla.ag
Rootkit.Win32.Agent.ea
Trojan.Pandex
Trojan-Proxy.Win32.Cimuz.G
TSPY_AGENT.AAVG (Trend Micro)
Trojan.NetviewFully patched systems should be unaffected. More coming.
Update 2: We’ve cataloged over 22 pieces of malware. Mostly spam-related malware but we did find a pinch Trojan variant. More info coming as we get it. Biggest issue is the sheer volume of malware we’ve had to analyze.
Update 3: As I write this, it is currently 1:20 a.m EST (10:20 a.m. in India), and the malicious IFRAME is still located on the Bank of India website."
Details also at: ZDNet, Labnol
If you enjoyed this post, make sure you subscribe to our RSS Feed OR Email Alerts!
http://www.indianexpress.com/story/213650.html
Hacking week is it? (lol)