[ISN] Bank confirms crackers break into website

From: InfoSec News (isnat_private)
Date: Mon Jun 25 2001 - 02:44:36 PDT

  • Next message: InfoSec News: "Re: [ISN] USA Today as DoD cyber-war propaganda mouthpiece"

    http://it.mycareer.com.au/breaking/2001/06/25/FFX87XS4DOC.html
    
    Monday 25 June, 2001 14:53 GMT+10:00
    By BARRY PARK, FAIRFAX IT
    
    The National Australia Bank has confirmed that online vandals broke
    into and defaced one of the company's Web servers last week.
      
    An NAB spokesperson said today the bank detected crackers breaking
    into and replacing a website's index page on Saturday with a statement
    denouncing the United States Government and a wellknown website
    cracker.
    
    The defacement appears to be the work of the sadmind worm, which
    spreads between Solaris systems using a year-old exploit and seeks out
    systems running Microsoft's Internet Information Service (IIS)
    servers.
    
    The worm uses an eight-month-old security loophole to deface the IIS
    Web server's index page.
    
    The spokeswoman confirmed that the cracked server at
    appwebcalc.national.com.au, which hosts customer services including
    loans calculators, was an IIS/4.0 Web server running on an NT4
    platform.
    
    The spokesperson said the defaced website was "deleted before it was
    seen by any member of the public".
    
    She said the defacement took place in "only one isolated server",
    while other areas, including Internet banking, were unaffected.
    
    The spokesperson said the bank expected to have the website back up
    later this week.
    
    She said the defacement was not a direct attack on the bank.
    
    
    
    
    ISN is hosted by SecurityFocus.com
    ---
    To unsubscribe email isn-unsubscribeat_private
    



    This archive was generated by hypermail 2b30 : Mon Jun 25 2001 - 03:38:41 PDT