Bank's hacked server supports phish attack

By Alun Williams

Posted on 14 Mar 2006 at 12:51

Phishing is a familiar online threat, but news has emerged from China of a bank's webserver being used to host phishing sites.

The Shanghai branch of the China Construction Bank, reports Network World, was hacked in order to host the phishing sites, which attempt to dupe visitors into revealing their bank details. The illegal sites were in hidden directories on a server with IP addresses belonging to the state-owned bank.

Apparently, the actual targets of the phishing attacks were eBay users and a major bank in the US, Chase Manhatten Bank. Customers were offered $20 for filling out a survey, with various financial details also being requested (user's ID and password, account number, PIN, etc) with the site using images and style sheets from the Chase website.

Not the sort of online banking transfer people would normally have in mind. The attack was reportedly discovered by Netcraft's free phishing toolbar, which reported a suspicious e-mail.

As was highlighted in Symantec's biannual security report, phishing is a growing phenomenon, but China will play an increasing part in online threats as more of the vast country's citizens come online.

According to Symantec, China recently saw the largest increase in botnet activity with a 37 per cent growth of infected systems and a 153 per cent increase in online attacks originating from the country.