Popular Posts

Amboy National Bank's Websites May Have Been Hacked

POSTED ON BY

Amboy National Bank's website and its Amoby Direct website may have been hacked today. The only thing that is being displayed at around noon today is the following:
Fatal Error ownz you - #Ferror irc.gigachat.net By : Elemento_pcx ;* IIS devolta e sempre
It appears to have been a defacing type of attack. I think Amboy outsources its online banking so it's likely that no account data was compromised. So the only results of this may be that the website being down for a little bit. I called the Amboy's service number (1-877-22-AMBOY) and the service rep would only confirm that their IT department is working to restore the website. She didn't have any more details.

I did some searching for similar attacks. I found this South African news article which reported on attacks on South African university websites in 2002. In those cases, website content was removed and replaced with the message:
badsector ownzz...greetz: Elemento_pcx - phyr3 - JTec [email protected]

Note the similarities. The article mentioned that all of these websites had been running Windows 2000.

This highlights the need for strong network security on banking websites. Hopefully, all of Amboy's customers' account records are kept in encrypted and protected databases. I also hope Amboy will keep its customers informed in a timely way especially if there's more to this incident than just a website defacement.

Credit for first reporting on this goes to this FW thread.
Previous Comments
Banking Guy
  |     |   Comment #1
The websites are back up as of 2:20pm CDT and I was able to log into my account without problems. I couldn't find any mention of what happened on their website.

For more info on Amboy and their high yield online savings account, please refer to this post.
Anonymous
  |     |   Comment #2
Dynamite news. It's a little late for them still to be using Win2K, if that's what they are doing. Excellent research on your part, Banking Guy. This bank will be a last choice for me. Happy not to be involved. Am boy. Oh boy!
ben
  |     |   Comment #3
hey banking guy,
is it really happened out there?I couldn't find any thing wrong at their site?
Banking Guy
  |     |   Comment #4
The websites were definitely down for a few hours and the message on the site matched previous defacement incidents. Amboy did clean it up quickly. I'm sure publicity of such an incident would not be good for them. If it were only a defacement type of attack, it could have been easy to clean up without any negative effects on their customers. But it is a reminder for everyone to be careful with security.

The financial institution, product, and APY (Annual Percentage Yield) data displayed on this website is gathered from various sources and may not reflect all of the offers available in your region. Although we strive to provide the most accurate data possible, we cannot guarantee its accuracy. The content displayed is for general information purposes only; always verify account details and availability with the financial institution before opening an account. Contact [email protected] to report inaccurate info or to request offers be included in this website. We are not affiliated with the financial institutions included in this website.