Bank of India’s Website has been Compromised by Trojan downloader: F-Secure

Bank of India website screenshot

F-Secure has reported a compromise of Bank of India’s website. The news originally comes from the Sunbelt Blog.

Malicious code has apparently been inserted into sections of the site, and it tries to compromise the visitor’s computer. The code then tries to install malware, containing a number of worms, on the targeted victim’s machine. Here’s what the security site says:

    On the front page of the site a hidden iframe has indeed been inserted and it loads a URL from another website.

Bank of India compromise screenshot

    This file in turn uses three iframes to load three other URLs.

Bank of India website trojan

    Two of the URLs are now down but the third one contains an obfuscated JavaScript that uses exploits to download and run a file called ‘loader.exe’. This file is a small downloader which downloads additional files which are different password stealing trojans, additional downloaders etc. We detect all of the malicious files with the latest update.

    Update: The malicious iframe has been removed from the front page and it’s now safe to visit the site again.

Well, the last line should surely give most of us a sigh of relief!
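
For site owners, a hidden iframe that loads a URL from another website, as described in the quoted report, is something a routine audit of served pages can catch. The following is an added example, not code from F-Secure, Sunbelt or this post: it flags iframes that are both off-site and hidden or zero-sized. The class and function names, the heuristics and the sample HTML (with placeholder hosts) are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Inline-style fragments that hide an element (assumed heuristic, not exhaustive).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)

class IframeAuditor(HTMLParser):
    """Collects iframes that load another host AND are hidden or tiny."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        # Resolve relative and protocol-relative src against the page URL.
        src = urljoin(self.page_url, a.get("src", "").strip())
        host = urlparse(src).hostname
        reasons = []
        if host and host != self.page_host:
            reasons.append("off-site")
        if {a.get("width", "").strip(), a.get("height", "").strip()} & {"0", "1"}:
            reasons.append("tiny")
        if "hidden" in a or HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden-style")
        # Visible third-party embeds (maps, video) are common; only flag hidden ones.
        if "off-site" in reasons and len(reasons) > 1:
            self.findings.append((src, reasons))

def audit(html, page_url):
    parser = IframeAuditor(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page; hosts are placeholders, not taken from the incident.
SAMPLE = """<html><body><h1>Welcome</h1>
<iframe src="/rates.html" width="600" height="400"></iframe>
<iframe src="https://maps.example.org/embed" width="400" height="300"></iframe>
<iframe src="http://injected.example.net/x.html" width="0" height="0" style="display:none"></iframe>
<IFRAME SRC="//injected.example.net/y.html" STYLE="visibility: hidden"></IFRAME>
</body></html>"""
```

Calling `audit(SAMPLE, "https://www.bank.example/index.html")` returns the two injected frames and skips the same-site frame and the visible third-party embed. A static check like this only sees markup as served, so an iframe written into the page by script at load time would need a rendered-DOM check instead.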


