Newsletter Sign-Up

Receive the latest technology news and information.

Hacked bank server hosts phishing sites

China Construction Bank may not know that a security vulnerability on its server has been exploited

By Jeremy Kirk

March 13, 2006 12:00 PM ET

IDG News Service - Criminals appear to have hacked a Chinese bank's server and are using it to host phishing sites to steal personal data from customers of eBay Inc. and a major U.S. bank., according to Internet services company Netcraft Ltd.

It may be the first scheme that uses one bank's infrastructure to exploit another bank, said Paul Mutton, an Internet services developer for Netcraft, based in Bath, England.

A user of Netcraft's free phishing toolbar reported receiving a suspicious e-mail, Mutton said. The e-mail led to phishing sites located in hidden directories on a server with IP addresses belonging to the Shanghai branch of China Construction Bank Corp., a state-owned bank with more than 14,000 branches.

One of the phishing sites offered customers of Chase Bank, part of JPMorgan Chase & Co., a chance to receive $20 for filling out a survey. The survey asked for the user's ID and password so the money could be deposited. Further, it requested the person's bank card number, PIN, card verification number, mother's maiden name and their U.S. Social Security number, Netcraft said.

The submitted data is then apparently sent to a form-processing server in India, Netcraft said.

The site pulls images and style sheets from Chase Bank's Web page. The method is known as "hot-linking" or "bandwidth leeching," Netcraft said. But it also leaves a trail, because the server where the images are pulled from retains of log of IP addresses of computers that requested the images, Mutton said.

There doesn't seem to be any advantage to the phishers in using a bank to host the fake page, which doesn't appear as a secure site to the browser. The URL of the site appears as an IP address rather than Chase Bank's domain name, another suspicious indicator.

On Saturday, Netcraft also found a fraudulent eBay log-in page with an IP address registered to the Chinese bank.

The fake eBay page carried a VeriSign seal, which is supposed to take visitors clicking on it to a page on Verisign Inc.'s site vouching for the security of the site. However, the seal vouches for the security of an entirely different site.

China Construction Bank may be unaware that someone has exploited a security vulnerability on its server, Mutton said. It's also possible that the server is infected with a worm that may be allowing unauthorized access, he said.

The scam could also be an inside job. "Anyone who has access to a server, either authorized or unauthorized, could have done it," Mutton said.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Security

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Informatica 9 Launch: Transform your Business. Transform your world.

LIVE Nov 10, 2009 12:00 PM ET

Architecting Business Intelligence Applications for Change: The Open Solution

LIVE Nov 12, 2009 02:00 PM ET

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?

Top to Bottom Performance Management Excellence at the City of Chicago
View now.

Global Distributed Service in the Cloud with F5 and VMware
Learn how F5 and VMware help you orchestrate and deliver access to services in the cloud by providing a robust Application Delivery Networking...

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

Five Steps to Determine When to Virtualize Your Servers
This white paper outlines five solution-agnostic steps to help you determine when to virtualize your servers.

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.

Application and Server Virtualization: Better Together
While many IT organizations successfully deploy virtualization, some hesitate to deploy application and server virtualization together.

Strategies for Driving Down IT Support Costs with Lite ITIL Practices
View this now!

An Alternative to Virtualization for Datacenter Cost Savings
Server virtualization is a popular option for dealing with mounting datacenter costs.

Mitigate Risk, Lower Costs and Improve Network Efficiency
Create a stable IP network that not only meets today's challenges, but is flexible enough to also meet future demands.

All White Papers | All Webcasts