The web site of Bank of India, one of India's leading banks, was restored early Tuesday. The bank has closed the site on Friday after it found that the site had been hacked, and was dispensing malicious code.
Unidentified hackers had inserted malicious code into the bank's main web page, a senior employee familiar with the situation said on Tuesday, speaking on condition of anonymity. The bank's designated spokesman on this issue was not immediately available for comment.
As a result, persons coming to the bank's web site were likely to be temporarily redirected to another site where Trojans and other malware were downloaded onto their computers, the employee said. The user was then brought back to the bank web-site.
The bank's IT staff thought they had the situation under control Friday morning, until they found that each time they changed the index page for the web site, it was immediately replaced by the hackers. The bank then decided to bring the web site down.
"The web site was hosted externally by a hosting company in the U.S.," the employee said. The bank has since changed the company hosting the service, though the employee clarified that the change in hosting provider had been on the cards even before the hacker attack.
The attack on the web site did not however affect the bank's online banking operations, according to the employee. The bank's customers access online banking services through a link on the home page of the bank's web site. The online banking service is provided to users from well-protected servers hosted and monitored within the bank by Hewlett-Packard, the employee said.
The bank is as yet not clear about the identity of the hackers, although Sunbelt suggested in its blog that it was a criminal gang, called the Russian Business Network (RBN). "We have called for the logs from the hosting provider in the U.S., and we may have some definite information then," the employee said.