The Internet is indeed becoming a threshold of different kinds of people. Students and researchers seek new information online. Businesses set up websites so they can tap international markets or widen their customer base. For hackers, meanwhile, it’s a “playing ground” where they can spread viruses in other people’s PCs and, worst, obtain confidential information.

Banks, for one, are never exempted. They are usually victims of what is commonly referred to as phishing. It has been used by fraudulent individuals to gather important bank information, such as your account number, your name, and even how much money you have in your bank. Attempts in phishing would usually present themselves as an e-mail coming from your bank. The message will sound so harmless until you reach the part where you are made to click on a fake log-in page, which can save your details. This is to trick you to enter vital information such as your name and your bank account number. Worse, you are threatened of closure of bank account if you do not comply with the instructions. These e-mail addresses could have been bought from some suspicious individuals.

One perfect example of bank hijacking is the Bank of India. Its website was put in a terrible compromise as it has sent about 30 kinds of malware. This was after Sunbelt Software happen to research on a particular malware concern and was led to the bank’s website. Tracking down the communication or the traces of the malware, they believe that this has been implemented by a Russian Internet syndicate called RBN (Russian Business Network). They are also responsible for other illegal activities found online.

The problem appeared as an IFRAME in the Windows 2003 server, which is being used for the website of the Bank of India. It downloaded multiple types of malware such as Trojan viruses and rootkits to computers that were not patched or with no updated security settings. The TSPY_AGENT.AAVG virus gathers information from any active windows of unpatched end-user computers. They can also collect keylogging information, usernames and passwords for different e-mail clients, and network configuration settings. Russia will then upload these files into the FTP servers and shall be used for illicit transactions.

Re-Tweet This Post