26 April 2018
Adam Nybäck

Cards and mobile

Adam Nybäck - Anyro

4Posts 29,245Views 36Comments
Information Security

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

Santander UK online bank attacked

19 April 2011  |  7639 views  |  0

If you have logged in to your Santander (Alliance & Leicester) online bank recently your account may have been compromised. One of the bank's customers noticed this when he was prompted with an unusual SSL certificate warning for www.polycache.com.

What first looked like a man-in-the-middle attack turned out to be an injection which tries to look like an ordinary web analytics URL. It goes to a script at advanced-web-analytics.com which downloads another script from polycache.com which seems to hijack the login part of the site.

The issue has recently been discussed on Stack Overflow and Linode Community Forums.

Update: Turns out this wasn't an attack, but a "technical error" by a 3rd party that Santander uses. Still no information on who this 3rd party is or why Santander allows 3rd parties to include scripts in their online bank login page.


Comments: (0)

Comment on this story (membership required)

Latest posts from Adam

Android NFC still not for payments

13 May 2011  |  4467 views  |  1 comments | recomends Recommends 0 TagsMobile & onlinePayments

Use of 3rd parties in online banking

21 April 2011  |  12453 views  |  0 comments | recomends Recommends 1 TagsSecurityGroupInformation Security

Santander UK online bank attacked

19 April 2011  |  7639 views  |  0 comments | recomends Recommends 0 TagsSecurityGroupInformation Security

What's wrong with the UK?

22 November 2008  |  4687 views  |  3 comments | recomends Recommends 0 TagsPayments

Adam's profile

job title System Developer
location Stockholm
member since 2008
Summary profile See full profile »
Self employed system development consultant in the payment card industry in Scandinavia.

Adam's expertise

Member since 2008
4 posts36 comments
What Adam reads
Adam's blog archive
2011 (3)2008 (1)

Who's commenting on Adam's posts