KrebsonSecurity is reporting that the online banking site of Coast Central Credit Union (Eureka, CA) "was compromised and apparently had been for nearly two months."
The "crooks had hacked the credit union’s site and retrofitted it with a “Web shell,” a simple backdoor program that allows an attacker to remotely control the Web site and server using nothing more than a Web browser."
According to the report, the credit union was contacted on February 23 about the hack; but did not immediately fix the problem.
The author wrote that when he contacted the credit union he explained who he was, how they’d likely been hacked, how they could verify the hack, and how they could fix the problem. Two days later when he noticed the site was still hacked, he contacted the credit union again, only to find they still didn’t believe he.
Eventually, the credit union believed him and disabled the Web shell.
Read the KrebsonSecurity.
No comments:
Post a Comment