Criminals take control of CheckFree Web site

Payment processor CheckFree says that hackers redirected customers from its Web site to a server that downloaded malware.

Online criminals took control of the Domain Name System (DNS) record for payment processor CheckFree and briefly redirected the site's visitors to a their own server.

The site was redirected at around 12:30 a.m. Eastern Time on Tuesday after someone logged into CheckFree's Network Solutions account and changed the domain's DNS settings, said Susan Wade, a Network Solutions spokeswoman. "Somebody got hold of the customer's login information," she said. "I don't know how they got access."

By changing the domain's DNS settings, the criminals were able to redirected Internet traffic to their own server.

CheckFree regained control of the account around 5:00 a.m. and fixed the settings, Wade said.

In a statement, CheckFree said that by 10:10 a.m. the rogue site's Internet service provider had "isolated the non-CheckFree site so that no subscribers could connect to it."

While it was active, the site tried to install malicious software on victims' computers, CheckFree said.

"During the incident, users would have seen a blank page if they were redirected to the non-CheckFree site. Those with up-to-date security software would likely have received a message indicating a malware download attempt had occurred," the company said. "If the user's anti-virus software was out of date or they did not have anti-virus software installed, they may have been subject to a malware software download."

The attack targeted flaws in Adobe Acrobat and Adobe Reader, CheckFree said.

CheckFree is advising its customers to download antivirus software and the latest updates to Adobe Reader, used to view pdf files.

CheckFree has about 12,000 locations in the U.S. where customers can walk in and pay bills in person. It accepts payments for services such as utilities, credit cards and mobile phones. The company's Web site can be used to pay bills too, however.

This isn't the first time Network Solutions' account credentials have been used to seize control of a Web site. In May, hackers used a similar technique to knock Comcast.net off-line for several hours.

News of the CheckFree hack was first reported in the Register after a reader noticed a problem with the Web site.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?