Friday, August 31, 2007

Bank of India home page was hacked - and serving malware/viruses for almost 7 hours

I just read on Ryan Naraine's blog that the Bank of India web site was compromised and the web page was serving up malware and viruses for nearly 7 hours.

Anyone that is reading this blog and has an account with Bank of India should be suspicious and (ideally) take their money somewhere else :-) Or at least ensure that their home PCs are disinfected.

Additional information for people that might be interested in what this attack means:

According to the article, security firms (F-Prot and McAfee were among the firms that raised the alarm) contacted Bank of India and worked with them to clean up the problem. But instead of shutting down the web site and protecting their customers, the bank kept the web site running for over 7 hours. Either they are totally incompetent, or the traditional Indian banks' bureaucracy needed an act of God to shut down the web site.

Although you could think of this as something not alarming (after all, it is only an unpatched, unprotected computer that was affected by this web hijacking), you would be wrong.

The principle that has just been demonstrated here is that common web sites that people assume to be safe can be hijacked. Knowing that most people in India have virus-ridden PCs at home, including illegal versions of Windows that are not subscribed to Microsoft's automatic patching and anti-virus software that has not been updated in years (probably since the pirated version was installed during the purchase of the PC), I won't be surprised to hear that this in-your-face attack results in more zombies populating the Indian home PC market.

Although RBN (Russian Business Network), which is thought to be behind this attack, may have no interest in Indian Rupees, what is scary for the rest of the world is that such hijacks could result in other, more familiar, websites getting hacked.

Another thing that I would be scared of, if I had money at BoI, is the extent to which BoI's systems have been hacked. After all, if the main web page was hijacked, it means their server was compromised. And a compromised bank server means there must have been - and probably still is - a hole in their security system. And no one knows how long that hole has existed. Which means no one knows how safe their accounts are with BoI.

What are the things you can do? In no particular order:

1) Switch from Windows to Ubuntu - I have done it with my kids' computers and there is little you cannot do with Ubuntu, that you can do with Windoze. Remember, Ubuntu is Linux - and is free.

2) If you are still inclined to stick with Windoze (I am - because of work requirements - need investigation to see if I can switch - plus wireless cards are still rather fragile with Ubuntu - mine isn't supported), make sure that it is legal.

3) If it is not legal, go and spend the money to buy a legal version of Windoze. Install it.

4) Buy anti-virus software and a subscription. You can also install something like AVG (which is free for individuals) that also has auto updates. Preferably have 2 anti-virus programs installed.

5) Install a router at home, including a hardware firewall that usually comes with the router. Remember to turn on the router firewall. That is your first line of defense.

6) Install a firewall on each of your home computers - ZoneAlarm is free. So is Comodo firewall. But you need just one. Choose whichever you feel is friendlier - most people will prefer ZoneAlarm. Being a geek, I prefer Comodo personal firewall.

7) Install something like WinPatrol which will monitor your registry and other sensitive areas of your PC and tell you if any unusual activity is detected. A similar program that could be used is SpyBot. I use both (being a little paranoid). Both are free programs, but require registration - use a fake e-mail address to register, but make sure you can monitor the fake e-mail address.

8) Install Ad-Aware from Lavasoft. It will specifically check for malware that may be installed on your PC. Set it up to run at startup (and if you have Scotty from WinPatrol or SpyBot installed, you will get a warning that something is trying to install itself to run at startup - click OK). I don't remember other anti-malware products. Maybe someone else may come up with additional ideas.

9) Use Firefox to browse the web, instead of InternetExploder. I only use Firefox.

10) Use any e-mail client other than Outlook or Outlook Express. There are commercial products available. Thunderbird (from the Firefox family) is a nice product. I don't use any e-mail client - I only use web mail - either Gmail or Yahoo Mail.

9) Develop a healthy sense of paranoia when using the Net. Click on links that people send you only if you trust them. Similarly, forward only links that you *know* are safe.

Of all the tips, I think it is easiest to use 1 instead of 2 thru 9. But I have done both.
