Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacked Chinese Bank Server Phishes for US Banks

Posted by ryuzaki0 on from the why-do-people-fall-for-these-things? dept.

1sockchuck writes "A Chinese bank's servers are being used in phishing attacks against U.S. institutions, apparently the first time one bank's infrastructure has been used in attacks on other banks. A hacked server from China Construction Bank Shanghai Branch is hosting pages spoofing Chase and eBay. The scam is one of numerous sites using a social engineering hook promising a $20 reward for recipients who complete a survey about the bank's online services. It then asks for your account login and password - so it can deposit the $20 in the correct account, of course. Plus your Social Security number, mother's maiden name etc."

10 of 47 comments (clear)

  1. Chinese hackers by PFI_Optix · · Score: 3, Funny

    So this is how they make all that money.

    We need to bomb their Internet Center ASAP before they build another tank rush.

    --
    120 characters for a sig? That's bloody useless.
  2. So that's why by n9uxu8 · · Score: 2, Interesting

    I have been hit with that Chase $20 email about 40 times this weekend. I have to wonder how stupid they think we really are....quite a bit apparently....

    Dave

  3. Seems odd by MrNougat · · Score: 4, Interesting

    I find it odd, though not surprising really, that the Chinese gov't would have The Great Firewall of China in place, and have bank servers vulnerable to attack.

    And, the way TFA reads, the bank server (owned by the Chinese government) is currently hosting phishing pages. Can anyone confirm whether the affected server has been taken offline, or are they just letting it go on phishing?

    --
    Web 2.0 == Giant Blogspam Circle Jerk
  4. China Construction by Stargoat · · Score: 3, Informative

    China Construction is a huge bank. It's the Chinese eqivilent of Chase or something similar in size. Not the People's Bank of China (Chinese Central Bank) but still huge. I'm amazed that their security is so lax. That level of incompetence is just amazing.

    --
    Hoist Number One and Number Six.
  5. Indeed. by Saeed+al-Sahaf · · Score: 2, Insightful

    The number of "computer literate" people on the Internet vs. "mom and pop" Interweb users who don't know any better, is actually very small. There is a good chance that a fair number in the small single digit percentages (or even smaller) respond to this type of stuff. Remember, it's like with penis pills, when you spam millions and millions, you only need a small percentage.

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
  6. It's what you get when you limit information by Opportunist · · Score: 2, Insightful

    When you allow only legal information, most people will not even know what is possible aside of what is permitted.

    And if those people are responsible for security... think Demolition Man, just on an IT-scale.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Another reason by $ASANY · · Score: 2, Interesting

    ...to netblock APNIC space at your firewall. I'm not happy I need to do it, and I wish it wasn't necessary. This continuing saga is only going to accelerate the growing trend to have the great wall not being an internal firewall, but an external one built over time by individual admins tired of these problems.

    I have to wonder whether there is a deliberate strategy by the chinese government to encourage the world to cut off access to western sites. Allow every kind of malware, be entirely unresponsive to abuse requests, and wait for the west to defensively wall China off so the chinese government won't have to do it themselves. Pretty stupid strategy long-term, though, so I can't believe it's deliberate.

    1. Re:Another reason by $ASANY · · Score: 3, Informative
      This is from the IP allocation documentation provided on IANA's website. It is an extremely blunt instrument to employ:

      058/8 Apr 04 APNIC
      059/8 Apr 04 APNIC
      060/8 Apr 03 APNIC
      061/8 Apr 97 APNIC
      121/8 Jan 06 APNIC
      122/8 Jan 06 APNIC
      123/8 Jan 06 APNIC
      124/8 Jan 05 APNIC
      125/8 Jan 05 APNIC
      126/8 Jan 05 APNIC
      202/8 May 93 APNIC
      203/8 May 93 APNIC
      210/8 Jun 96 APNIC
      211/8 Jun 96 APNIC
      218/8 Dec 00 APNIC
      219/8 Sep 01 APNIC
      220/8 Dec 01 APNIC
      221/8 Jul 02 APNIC
      222/8 Feb 03 APNIC

      There are other ranges where APNIC is interspersed with other stuff, but this list gets you all the /8 space which can be blocked conveniently.

      Bill's Blacklist is more extensive and gets into the APNIC space that's wedged within other /8 netblocks, and he also identifies other problem children. His list is probably too agressive for your tastes if you're running a public website, though.

  8. Bank network security by RingDev · · Score: 3, Interesting

    I worked for a non-consumer bank as a consultant a few years back, and I was rather concerned with what I saw there.

    The IS Coordination was rabidly anti-Microsoft. The network was mostly windows 98/NT machines on Banyon Vines 3.0 (this was in 2001, right about the time Novel released Banyon 6 I believe) with a handful of Unix based servers.

    To prevent possible security breaches, none of the machines had access to the internet except for a few special machines. Those machiens where not suppose to have access to the internet and the intranet at the same time. What actually happened was that those employees with "one or the other" access figured out they could just leave both cables plugged in and no one would know.

    Towards the end of my contract, relations where breaking down. The IS Coordination was accusing me of purposely introducing bugs to inflate my hours, and I was accusing her of blatant incompetence. The bug that she had been accusing me of creating happened only on the normal staff's PC. My laptop, and her brand new PC worked fine. Turns out that not only were they using an out dated version of Vines (v3 -> v6) they had also not patched it on any of the worker machines (They were on v3.0, and at that time v3 was patched to v3.3). Her machine and my laptop had been fully patched. The problem wound up being one of the dated libraries included in Vines 3.0.

    Unregulated internet access + outdated and compromised network system + a high volume of multi-million dollar transactions = receipt for disaster.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  9. Re:So wrong! by LurkerXXX · · Score: 4, Interesting
    if you have net access, you are in the top 1/3 or so of the US intelligencia.

    Really? That's suprising seeing that nearly 75% of U.S. households have internet access. (And that was back in 2004)

    Went to college? More like the top 10%

    So, going to college puts you in the top 10% eh? From 1990 to 2002, the number of high-school graduates entering college went from 60% to 64%. The percentage of Americans ages 25 to 29 with a bachelor's degree rose from 23% to 29%. Top 10% just by going to college? I don't think so.

    I expect you must be one who has fallen for the scams the way you pull numbers out of your ass to describe the American public.