Bank of India site hacked
The Web site of the Bank of India has been hacked and is now an unwitting dispenser of an enormous amount of malware code to visitors, including rootkits and trojans, according to Sunbelt Software, which advises not currently visiting the Bankofindia.com site. âItâs very pernicious stuff,â says Alex Eckelberry, president of security firm Sunbelt Software.
Eckelberry says some of Sunbeltâs employees happened to be doing research during the past few hours and visited the Web site and determined it was infected with at least a dozen malware programs attempting to infect any vulnerable machine used by someone visiting Bankofindia.com.
âWe have Indian employees here trying to share this information with them now, which weâre also sharing with organizations such as CERT,â Eckelberry says. âItâs a huge payload of malicious code,â which Sunbelt is still analyzing, he says.
The payload from the Bank of India site is said to be attempting a number of Internet Explorer exploits to break into computers that may not be fully patched. Other types of software-application exploits may also be involved, which Sunbelt is still analyzing.
âSomehow the hackers managed to insert this code into the Web site,â Eckelberry says. âWeâre seeing lots of rootkits and trojans, though not yet a keylogger.â
Sunbelt says the situation is still fluid and every effort is being made to notify Bank of India, described as a government-operated site with more than 2,000 branches.