Notorious Russian ISP RBN Hacked Bank of India Website

According to Sunbelt, RBN, an ISP known for infamous activities, perpetrated the latest hacking of Bank of India.

As per security company Sunbelt, which recently exposed that Bank of India's infected Website was distributing risky malware, an ISP of the notorious Russian Business Network -- associated with child porn and phishing scam -- is responsible for the incursion.

Sunbelt's investigators were the first to report the attack on August 29, 2007 upon detecting malware implanted in the HTML of Bank of India's Website. The program, in reality an IFRAME action, surreptitiously directed users to a cyberpunk's computer, which spread 22 various kinds of malware onto susceptible computers. As per Sunbelt's research, the malicious code contained a worm, five Trojan horse downloaders, three rootkits, and many passcode pilferers.

Alex Eckelberry, CEO of Sunbelt said, all evidence indicates involvement of the St. Petersburg located infamous RBN mob. VeriSign iDefense has nicknamed RBN as "baddest of the bad, supposedly behind everything starting from spamming, phishing scam to Denial-of-Service (DoS) strikes and online marketing of child porn, reported by the computerworld.com on August 31, 2007.

Conjectures are rife about the mode used to embed the rogue code through a manipulated framework - Mpack, Icepack, Webattacker, akin to the manner it was fixed within Webattacker, stated Eckelberry.

In the September 4, 2007 report issued by Zdnet.com, F-Secure's senior security specialist, Patrik Runald averred, nobody knows anything about RBN. The firm is not certified, thus legally non-existent and hosts all criminal activities.

Runald stated that RBN exploited an Iframe to open another window for hacking Bank of India's Website, which subsequently directed users to a Webpage having malware and comprising links to three separate pages in different servers. When F-Secure began investigating, two out of three URLs had been damaged. The surviving URL was attempting to utilize a 2006 exploit to attack using a Trojan downloader.

The Bank of India attack is the newest instance of hacking an official Website and passing malware to innocent users. The gravest incident occurred in USA this year, when the National Football League's Super Bowl host, Dolphin Stadium's site was invaded just prior to the crucial game.

Related article: Network of Zombie Computers Expanding & Attacks Multiplying

» SPAMfighter News - 9/24/2007