Last week, the Bank of India web site was hacked…
A series of exploits were embedded into pages on the site that would infect any unpatched Windows computer that visited it. It appeared to be a ‘professional’ attack with a criminal intent rather than the work of recreational hackers with some time to kill.
We all hear about these types of attacks - there are stories like this on pretty much a weekly basis.
So why am I’m posting on this particular attack?…
Two reasons. First is the sheer scope of it - according to researchers at Sunbelt Software, Inc., there were 22 malware/spyware agents embeded in the site. This ran the gamut from simple adware trojans to agents that grabbed personal data and sent it back to offshore servers. Nasty stuff.
The second reason I wanted to post on this is that a security expert, Roger Thompson (CTO of Exploit Prevention Labs Inc.) took the time to put together a video of the hack showing what happened when someone visited this infected site. In the video, he uses debugging tools to show exactly what was being installed and executed on an unsuspecting, unprotected user’s system once they connected to the Bank of India’s URL.
It’s clear from the multiple concurrent attack types and variety of insertion methods used by these hackers that they were determined to compromise anything but the most currently patched systems. And as often as we hear about it, sometimes it helps to be reminded how ruthless these attackers can be. This video does a good job of that.
It’s easy to become complacent, but being online does requires a level of vigilance, and a big dose of common sense.
And every now and then, a little paranoia can be a good thing too…
Hey! Nice blog posting about at The Digital Edge Blog. I would have to agree with you on this one. I am going to look more into offshore bank. This Saturday I have time.