The digital media is abuzz with the news of hacking of Bank of India site by cyber criminals. This was a serious incident indeed, and thanks to the efforts of researchers at Sunbelt Software Inc. which first posted details of the hack.
Reportedly, the site is now clean though currently the site displays a notice prominently as under:
This site is under temporary maintenance till further notice. Kindly bear with us.
This is fine. The Bank does not want to take any risk until the issue gets resolved beyond doubt. However, there is other side to the story. Vikram, in his blog, states: "I visited the attacked website, and it is currently down right now. The malicious code has been removed, and there is no mention of it on the website. It says instead that "This site is under temporary maintenance till further notice. Kindly bear with us." If the maintenance is until further notice, how do we know it is temporary? Clearly they brought it down in response to the malicious code." He has earlier commented in the same blog post: "Clearly, Bank of India's website team is to be blamed here. They have failed terribly at their job of ensuring secure access to their customers."
In the meanwhile, the blogosphere is full of this news. It is proposed to present step-by-step development over the next few days.
To begin with, please read this piece of news from the Economic Times of 1st September, 2007: Hackers play hide and seek with BoI website
Some more links explaining the position (right now, not on chronological order) are given below:
Bank of India, compromised! The website of the Bank of India at www.bankofindia.com has been compromised. You can read about the attack on the Bank of India site at the SunBelt Blog. This is a fairly big issue ...
Another report of 2nd September, 2007 (please don't be wary as regards the dates as this post is being updated from time to time) screams Russian hackers play with Bank of India site ... "Yesterday, security experts reported that a group of hackers from Russia had breached the Bank of India site for a while, and played with it, by introducing the users of the site to a variety of malware attacks. Experts contend, that attacks against high profiles sites like Bank of India are not that uncommon, but some of the internet’s trust broker sites such as McAfee’s siteadvisor.com were showing the site to be trustworthy even during the time that it was hacked."
No comments:
Post a Comment