Featured Savings Rates

Popular Posts

Featured Accounts

Amboy National Bank's Websites May Have Been Hacked


Amboy National Bank's website and its Amoby Direct website may have been hacked today. The only thing that is being displayed at around noon today is the following:
Fatal Error ownz you - #Ferror irc.gigachat.net By : Elemento_pcx ;* IIS devolta e sempre
It appears to have been a defacing type of attack. I think Amboy outsources its online banking so it's likely that no account data was compromised. So the only results of this may be that the website being down for a little bit. I called the Amboy's service number (1-877-22-AMBOY) and the service rep would only confirm that their IT department is working to restore the website. She didn't have any more details.

I did some searching for similar attacks. I found this South African news article which reported on attacks on South African university websites in 2002. In those cases, website content was removed and replaced with the message:
badsector ownzz...greetz: Elemento_pcx - phyr3 - JTec bads3ctor@linuxmail.org

Note the similarities. The article mentioned that all of these websites had been running Windows 2000.

This highlights the need for strong network security on banking websites. Hopefully, all of Amboy's customers' account records are kept in encrypted and protected databases. I also hope Amboy will keep its customers informed in a timely way especially if there's more to this incident than just a website defacement.

Credit for first reporting on this goes to this FW thread.

Related Posts

Banking Guy
Banking Guy (anonymous)   |     |   Comment #1
The websites are back up as of 2:20pm CDT and I was able to log into my account without problems. I couldn't find any mention of what happened on their website.

For more info on Amboy and their high yield online savings account, please refer to this post.
Anonymous   |     |   Comment #2
Dynamite news. It's a little late for them still to be using Win2K, if that's what they are doing. Excellent research on your part, Banking Guy. This bank will be a last choice for me. Happy not to be involved. Am boy. Oh boy!
ben (anonymous)   |     |   Comment #3
hey banking guy,
is it really happened out there?I couldn't find any thing wrong at their site?
Banking Guy
Banking Guy (anonymous)   |     |   Comment #4
The websites were definitely down for a few hours and the message on the site matched previous defacement incidents. Amboy did clean it up quickly. I'm sure publicity of such an incident would not be good for them. If it were only a defacement type of attack, it could have been easy to clean up without any negative effects on their customers. But it is a reminder for everyone to be careful with security.