Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Hardware
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.
Laptops
Toshiba Laptops with Intel® Centrino® Duo. Free Shipping

Hacked bank server hosts phishing sites

China Construction Bank may not know that a security vulnerability on its server has been exploited
 

Sign up to receive Servers Resource Alerts

March 13, 2006 (IDG News Service) -- Criminals appear to have hacked a Chinese bank's server and are using it to host phishing sites to steal personal data from customers of eBay Inc. and a major U.S. bank., according to Internet services company Netcraft Ltd.

It may be the first scheme that uses one bank's infrastructure to exploit another bank, said Paul Mutton, an Internet services developer for Netcraft, based in Bath, England.

A user of Netcraft's free phishing toolbar reported receiving a suspicious e-mail, Mutton said. The e-mail led to phishing sites located in hidden directories on a server with IP addresses belonging to the Shanghai branch of China Construction Bank Corp., a state-owned bank with more than 14,000 branches.

One of the phishing sites offered customers of Chase Bank, part of JPMorgan Chase & Co., a chance to receive $20 for filling out a survey. The survey asked for the user's ID and password so the money could be deposited. Further, it requested the person's bank card number, PIN, card verification number, mother's maiden name and their U.S. Social Security number, Netcraft said.

The submitted data is then apparently sent to a form-processing server in India, Netcraft said.

The site pulls images and style sheets from Chase Bank's Web page. The method is known as "hot-linking" or "bandwidth leeching," Netcraft said. But it also leaves a trail, because the server where the images are pulled from retains of log of IP addresses of computers that requested the images, Mutton said.

There doesn't seem to be any advantage to the phishers in using a bank to host the fake page, which doesn't appear as a secure site to the browser. The URL of the site appears as an IP address rather than Chase Bank's domain name, another suspicious indicator.

On Saturday, Netcraft also found a fraudulent eBay log-in page with an IP address registered to the Chinese bank.

The fake eBay page carried a VeriSign seal, which is supposed to take visitors clicking on it to a page on Verisign Inc.'s site vouching for the security of the site. However, the seal vouches for the security of an entirely different site.

China Construction Bank may be unaware that someone has exploited a security vulnerability on its server, Mutton said. It's also possible that the server is infected with a worm that may be allowing unauthorized access, he said.

The scam could also be an inside job. "Anyone who has access to a server, either authorized or unauthorized, could have done it," Mutton said.


Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.


Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
"Yes, NASA has confirmed that some laptops taken to the International Space Station were infected with an online-gaming password stealing..." Read more...
"Linux is more secure than most operating systems, but Not if you don't practice basic security measures..." Read more...
Read more Security posts or See all Blogs
Cellular operators say they're ready for Gustav
Psystar calls Apple a 'monopoly' in antitrust charges
Doubt cast on Seinfeld as Windows TV ads near
More top stories...
IT workers hit hardest by offshore outsourcing, survey finds
Microsoft: No more Windows Live Mail crashes with IE8 Beta 2
Microsoft warns of IE8 lock-in with XP SP3
Telework can change office dynamics in ways you hadn't anticipated. Proceed cautiously.
Got a painfully slow connection or random dead spots? Our tips will help you get the most out of your wireless network.
Listen up, managers: Employees don't quit the job; they quit you.
Netbooks, ultraportables, mini-notebooks — whatever you call them, they've been grabbing headlines. Are they here for the long term or just a flash in the pan?
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Business Continuity Zone
The File Data Management Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Business Intelligence and Analytics Zone
Windows Protection Zone
Identity & Security Management Zone

Ads by TechWords

See your link here
Learn-Fast Guide: Get Up to Speed on Green IT

(Source: Computerworld) Whether it's in the front office or the server room, green thinking can save energy, trees and money. From the Editorial Staff at Computerworld, here's the latest thinking on greening your operations.
Download this executive briefing download
Embracing Innovation - The Business Case for PC Blades
Embracing Innovation - The Business Case for PC Blades
Watch this webcast now!
Go to the webcast 
Virtualization Everywhere
Download this white paper, free, compliments of Citrix.
(Source: Citrix) Adoption of virtualization is concentrated among large enterprises, while adoption by mid-sized companies has been much slower. For these companies, the cost and complexity of server virtualization solutions has been a barrier.

In this paper, we'll discuss how Citrix XenServer" provides simple, economical server virtualization for any size company. Download now!

Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Archiving Compliance with Sunbelt Exchange Archiver
The Impact of Messaging and Web Threats
Advanced Load Balancing: 8 Things You Need to Handle Today's Network Traffic
View more whitepapers