Information Security News
mailing list archives
Bank confirms crackers break into website
From: InfoSec News <isn () c4i org>
Date: Mon, 25 Jun 2001 04:44:36 -0500 (CDT)
Monday 25 June, 2001 14:53 GMT+10:00
By BARRY PARK, FAIRFAX IT
The National Australia Bank has confirmed that online vandals broke
into and defaced one of the company's Web servers last week.
An NAB spokesperson said today the bank detected crackers breaking
into and replacing a website's index page on Saturday with a statement
denouncing the United States Government and a wellknown website
The defacement appears to be the work of the sadmind worm, which
spreads between Solaris systems using a year-old exploit and seeks out
systems running Microsoft's Internet Information Service (IIS)
The worm uses an eight-month-old security loophole to deface the IIS
Web server's index page.
The spokeswoman confirmed that the cracked server at
appwebcalc.national.com.au, which hosts customer services including
loans calculators, was an IIS/4.0 Web server running on an NT4
The spokesperson said the defaced website was "deleted before it was
seen by any member of the public".
She said the defacement took place in "only one isolated server",
while other areas, including Internet banking, were unaffected.
The spokesperson said the bank expected to have the website back up
later this week.
She said the defacement was not a direct attack on the bank.
ISN is hosted by SecurityFocus.com
To unsubscribe email isn-unsubscribe () SecurityFocus com
- Bank confirms crackers break into website InfoSec News (Jun 25)