About Me

Nitin Jyoti

Nitin Jyoti

Read More

Feeds & Podcasts

Blogs

Meet the Bloggers

Archive

Tags

#SecChat $1 million guarantee 12 Scams of Christmas access to live fraud resolution agents Acquisition Alex Thurber Android antivirus Apple botnet Channel Partners cloud security Compliance Consumer counter identity theft credit card fraud and protection credit fraud alerts credit monitoring credit monitoring and resolution critical infrastructure Cyber Security Mom cyberbullying Cybercrime cybermom data breach data center data center security Data Protection Dave DeWalt DLP Email & Web Security embedded encryption Endpoint Protection enterprise facebook fake anti-virus software Family Safety Friday Security Highlights global threat intelligence google government Hacktivism how to talk to kids how to talk to teens identity fraud identity fraud scams identity protection identity protection $1 million guarantee identity protection fraud identity protection surveillance identity surveillance identity theft identity theft expert identity theft fraud identity theft protection identity theft protection product Identity thieves and cybercriminals intel iphone kids online behavior lost wallet protection malware McAfee McAfee Channel McAfee Family Protection McAfee Identity Protection McAfee Initiative to Fight Cybercrime McAfee Labs McAfee security products Mid-Market Mobile mobile malware mobile security monitor credit and personal information Network Security online personal data protection online safety Operation Aurora PCI personal identity theft fraud personal information loss personal information protection phishing privacy proactive identity protection proactive identity surveillance Public Sector restore credit and personal identity Risk and Compliance scam scams scareware security smartphones social media social networking social networks spam Stuxnet twitter vulnerability Web 2.0 work with victim restore identity

McAfee Labs :

Compromised Bank Of India Website!

Friday, August 31, 2007 at 3:30am by Nitin Jyoti
Nitin Jyoti

Our friends from Sunbelt reported the Bank of India website as seriously compromised late last night. The main page of this website had a hidden IFRAME linking to a malicious website hosting multiple exploits. An unsuspecting visitor will end up getting infected if their system is not fully patched.

At McAfee Avert Labs, we come across defacements of Indian websites on a regular basis. This is only the second high profile incident where a popular Indian website was compromised to serve malware. A prior incident took place with the national air carrier’s website AirIndia getting compromised to host malware.

Following is a pictorial representation of how the Bank of India website was found to be linked to malicious sites, this morning (Indian time).

Bank Of India Infection

McAfee protects its customers against this threat via script scan. You can read more about this on one of our earlier blogs here. The obfuscated scripts that attempt to exploit users machines are blocked from execution, thereby, nullifying the attack. The script used in this attack was proactively detected as JS/Downloader-AUD.

Following are some of the malware we saw getting downloaded at the time of writing this blog (Credits to Prashanth PR for analysis).

Update: We made contact with the Bank officials and intimated them about the situation. The site has been cleaned up now :-)

Bookmark and Share

Submit your own comments / message for this post

Your email is never published nor shared. Required fields are marked *

 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comments (5)

  • Thirty one gifts August 10, 2010 9:17AM

    This is only the second high profile incident where a popular Indian website was compromised to serve malware.I did not quite got the presentation. But I am sure that the guys who did this one. did a great job.

    Reply
  • Fire safety for children September 8, 2009 9:57PM

    I think that they should strenghten their seciruty on thier sites. Specially thet money is greatly involve on thier site. Many people who are capable of doing this are cant wait to get their hands on them.

    Reply
  • Reverse Email Lookup September 1, 2009 11:20AM

    “Its surprising how important websites where finacial transactions take place can have such security lapses ! “

    They are not the first! safety tech is not yet fully developed.

    Reply
  • Sushi August 31, 2007 8:30AM

    Kudos to McAfee !
    Its surprising how important websites where finacial transactions take place can have such security lapses !

    Indian financial institutions need to wake up and smell the coffee ! Its too bad that they cannot be sued at the drop of the hat like in many other countries, if that were the case, they would be more cautious about their customers getting impacted. They need to invest more in making their websites secure !!

    Reply
  • indi_888 August 31, 2007 6:15AM

    Well done Gents,

    Even though India being a major state in Software industry, less importance is given to security in most of the establishments.

    For instance While I was going through this blog a TV channel was flashing a news of a Guy who hacked and posted passwords of few high profile Indian Govt employees.

    Time to wake up and act upon.

    Reply