Dedicated to Deposits: Deals, Data, and Discussion

Amboy National Bank's Websites May Have Been Hacked

POSTED ON BY

Amboy National Bank's website and its Amoby Direct website may have been hacked today. The only thing that is being displayed at around noon today is the following:
Fatal Error ownz you - #Ferror irc.gigachat.net By : Elemento_pcx ;* IIS devolta e sempre
It appears to have been a defacing type of attack. I think Amboy outsources its online banking so it's likely that no account data was compromised. So the only results of this may be that the website being down for a little bit. I called the Amboy's service number (1-877-22-AMBOY) and the service rep would only confirm that their IT department is working to restore the website. She didn't have any more details.

I did some searching for similar attacks. I found this South African news article which reported on attacks on South African university websites in 2002. In those cases, website content was removed and replaced with the message:
badsector ownzz...greetz: Elemento_pcx - phyr3 - JTec bads3ctor@linuxmail.org

Note the similarities. The article mentioned that all of these websites had been running Windows 2000.

This highlights the need for strong network security on banking websites. Hopefully, all of Amboy's customers' account records are kept in encrypted and protected databases. I also hope Amboy will keep its customers informed in a timely way especially if there's more to this incident than just a website defacement.

Credit for first reporting on this goes to this FW thread.

Related Posts

Comments
4 comments.
Comment #1 by Banking Guy (anonymous) posted on
Banking Guy
The websites are back up as of 2:20pm CDT and I was able to log into my account without problems. I couldn't find any mention of what happened on their website.

For more info on Amboy and their high yield online savings account, please refer to this post.

1
Comment #2 by Anonymous posted on
Anonymous
Dynamite news. It's a little late for them still to be using Win2K, if that's what they are doing. Excellent research on your part, Banking Guy. This bank will be a last choice for me. Happy not to be involved. Am boy. Oh boy!

1
Comment #3 by ben (anonymous) posted on
ben
hey banking guy,
is it really happened out there?I couldn't find any thing wrong at their site?

1
Comment #4 by Banking Guy (anonymous) posted on
Banking Guy
The websites were definitely down for a few hours and the message on the site matched previous defacement incidents. Amboy did clean it up quickly. I'm sure publicity of such an incident would not be good for them. If it were only a defacement type of attack, it could have been easy to clean up without any negative effects on their customers. But it is a reminder for everyone to be careful with security.

1