Security Bytes

Aug 31 2007   5:38AM GMT

Attackers compromise Bank of India, embassy sites

Leigha Cardwell

It hasn’t been a good week for the Bank of India and a number of embassy IT shops around the world. According to several researchers, embassy Web sites are getting compromised and the Bank of India Web site has been taken over as a launching pad for malicious exploits.

According to Computerworld, usernames and passwords for more than 100 email accounts at embassies worldwide have been posted online. Using the information, the publication noted, anyone can access the accounts that have been compromised. The foreign ministry of Iran, the Kazakh and Indian embassies in the U.S. and the Russian embassy in Sweden are among those who have been hit.

Details of the Bank of India compromise are outlined in the blog of Sunbelt Software:

“We have discovered that the Bank of India’s site, bankofindia(dot)com is compromised and is serving malware. DO NOT VISIT THIS SITE,” Sunbelt warns.

The bank’s Web site is being used to drop all kinds of malicious software on victims’ machines, including:


“We’ve cataloged over 22 pieces of malware. Mostly spam-related malware but we did find a pinch Trojan variant,” wrote Sunbelt President Alex Eckelberry, adding that Windows computers that are fully patched should be protected against infection.

UPDATE, 10:12 a.m. ET: Eckelberry says the Bank of India site is now clean, “thanks to the hard work of a number of people involved in security and takedown.” He offered up this screen shot of the Web site:

