Indian bank site restored after malware attack

The website of Bank of India, one of India's leading banks, was restored early on Tuesday. The bank originally closed the site on Friday after it found that the site had been hacked and was dispensing malicious code.

Share

The web site of Bank of India, one of India's leading banks, was restored early on Tuesday. The bank originally closed the site on Friday after it found that the site had been hacked and was dispensing malicious code.

Sunbelt Software, a provider of security software in Clearwater, Florida, alerted users last Thursday on its blog that the bank's site had been compromised and advised them not to visit it.

Unidentified hackers had inserted malicious code into the bank's main web page, a senior employee familiar with the situation said, speaking on condition of anonymity. The bank's designated spokesman on this issue was not immediately available for comment.

As a result, persons coming to the bank's web site were likely to be temporarily redirected to another site where Trojans and other malware were downloaded onto their computers, the employee said. The user was then brought back to the bank website.

The bank's IT staff first thought they had the situation under control Friday morning, until they found that each time they changed the index page for the web site it was immediately replaced by the hackers. The bank then decided to bring the web site down.

"The web site was hosted externally by a hosting company in the US," the employee said. The bank has since changed the company hosting the service, though the employee clarified that the change in hosting provider had been on the cards even before the hacker attack.

The attack on the website did not however affect the bank's online banking operations, according to the employee. The bank's customers access online banking services through a link on the home page of the bank's website. The online banking service is provided to users from well-protected servers hosted and monitored within the bank by Hewlett-Packard, the employee said.

The bank is as yet not clear about the identity of the hackers, although Sunbelt suggested in its blog that it was a criminal gang called the Russian Business Network (RBN). "We have called for the logs from the hosting provider in the US, and we may have some definite information then," the employee said.

Now read:

Egg blames Cable & Wireless as website restored

Hackers deface UN site

Find your next job with computerworld UK jobs