Few days before Bank of India (BoI) site was hacked by cyber criminals and the website was spilling malware and spyware of several types that contained backdoors and trojans. This continued for several hours, and may have adversely affected visitors and users of the site. Currently, the site carries a notice prominently displayed in red:
This site is under temporary maintenance till further notice. Kindly bear with us.
BoI hack story is still not complete - there are many lessons to be learnt from this sad experience when a trustworthy site continued to serve malware and spyware, and became a victim of the activities of the cyber criminals. Before identifying the lessons learnt, a glance over the contents of some of the available materials should be useful:This site is under temporary maintenance till further notice. Kindly bear with us.
#Bank Of India Site Hacked and Serving Malware
#Attackers turn Bank of India site into malware bazaar
#Bank of India site hacked, distributing malware, security vendor says
#Bank of India's website now safe
#Bank of India's website breached
#Bank of India Website Hacked and Dispensing Malware
#The Bank of India.com attack tells : "A new form of web hacking has compromised The Bank of India's website. It goes unnoticed by many online security tools, such as Google's Safe Browsing extension for Firefox, Finjan, NetCraft and PhishTank SiteChecker, and even receives a clean bill of health from SiteAdvisor. Do not visit The Bank of India's website as I believe it is still compromised and will install various malware on your computer."
#And, this one is really an eye opener: Comments on ‘Attackers turn Bank of India site into malware bazaar’. The comments details the deficiencies in the building of the site and begins with these words, "I thought I'd have a peek at the Bank of India Website, just to see what was going on (and to check at least one fact in the article). I saw a small notice that the Website was best viewed on IE 4.0 or higher, at a resolution of 800 x 600. Whenever I see this sort of a notice on a Website, it tells me that the author is not well versed in making a Web page. On a personal Web page, it is merely annoying. For a bank, it should be a red flag." The conclusion is really devastating but candid and based on reality: "This website says only thing ... Little wonder it was attacked; they obviously have no idea how to build and run a website."
No comments:
Post a Comment