Bank of India is hacked and dangerous

Security experts are warning Bank of India customers to steer clear of its official Web site because it is serving up several information-stealing Trojans.

Security firm SunBelt has reported that code on the site attempts to load 22 instances of spam-related malware and three information-stealing trojans -- "Pinch Trojan", TSPY_AGENT.AAVG and Trojan.Netview.

The Bank of India is yet to remove the malware and SunBelt warns users not to visit the site.

A variant of the Pinch Trojan was noticed earlier this year by Finnish security firm F-Secure. Information the trojan collected included the version of Windows being used and its licence key, usernames and passwords from stored e-mail accounts in both Outlook and Thunderbird, as well as passwords from Internet Explorer, Firefox and Opera.

SunBelt reported that Trojan.Netview is particularly dangerous in networked environments where infected users might have access to unprotected shared drives containing sensitive information. The Trojan is capable of uploading "interesting" files to an FTP server in Russia.

Nishad Herath, senior researcher at McAfee, said the hacked Web site is "a very serious situation".

"Unfortunately, the problem is that if the actual site is hacked to host malicious content, there's very little that can be done to identify it before viewing the content," he said.

This method of distributing malware by exploiting browser vulnerabilities has gained momentum in past months. Sophos reported in August that the number of hacked Web sites had risen from just 5,000 to over 30,000 per day.

The Sydney Opera House Web site in June was hosting malware that could potentially exploit browser vulnerabilities.

"The good thing is that a lot of security software does protect against browser delivered malware," said Herath.

Herath said that while multi-layered security solutions can't protect against everything -- in particular unknown threats -- advances in heuristics-based defences do provide backup protection against these.


Liam Tung

About Liam Tung

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelor's degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, security and telecommunications journalist with ZDNet Australia. These days Liam is a full-time freelance technology journalist who writes for several publications.

  • Yet another reason to use Linux!

    Now that the threats are being given to us by simply visiting infected websites, and not via email, this is yet another reason to use Linux (which is free). Or at the very least, use VMWare Player (also free), and the Browser Appliance (also free) to surf the Internet.

    It seems that this is the only way to guarantee that you are not affected with something intended for Windows systems! Relying on Microsoft to issue a patch, or a security company to issue an update against these threats is not my idea of a secure system. Especially when my banking details are under threat.
  • Malware

    It is interesting to note that the Sydney Opera House and the Bank of India use Microsoft server.
  • oh uh?

    and may be Windows servers they use too:,130061733,339281510,00.htm

    your "note" is just one more of anti-american ones.
  • oh uh?

    what the heck are you saying?
    seem a camel.
    go study IT security A MINIMUM, then come back in public to say something with a few sense. well. as I am today in a good day and feeling good, so I will recommend you start by, CERT site,,