Thursday, August 30, 2007

Bank of India Website Hacked

Sunbelt Blog reported that the Bank of India website has been seriously compromised. That was about 8 hours ago. I just checked and it is still compromised. It still has a hidden iframe loading something from goodtraff.biz. I also noticed a lengthy connection to mymoonsite.net, which is listed on Sunbelt researcher Webhelper's CWS list. Mymoonsite is registered by the infamous ESTDOMAINS. They register many malware websites, like ones that have the zlob trojan.

I haven't had time to take a good look at what happened by loading Bank of India's site. I do not recommend going to bankofindia.com until it is fixed. More later, but so far Sunbelt reported the following malware being served:

Email-Worm.Win32.Agent.l
Rootkit.Win32.Agent.dw
Rootkit.Win32.Agent.ey
Trojan-Downloader.Win32.Agent.cnh
Trojan-Downloader.Win32.Small.ddy
Trojan-Proxy.Win32.Agent.nu
Trojan-Proxy.Win32.Wopla.ag
Trojan.Win32.Agent.awz

0 comments:

Sitemeter