Community

Join the Community

23,851
Expert opinions
40,607
Total members
391
New members (last 30 days)
201
New opinions (last 30 days)
29,241
Total comments
Join Sign in

Santander UK online bank attacked

  0 Be the first to comment
Adam Nybäck
Adam Nybäck
System Developer
Anyro
Location
Stockholm
Followers
0
Opinions
4
Unfollow

If you have logged in to your Santander (Alliance & Leicester) online bank recently your account may have been compromised. One of the bank's customers noticed this when he was prompted with an unusual SSL certificate warning for www.polycache.com.

What first looked like a man-in-the-middle attack turned out to be an injection which tries to look like an ordinary web analytics URL. It goes to a script at advanced-web-analytics.com which downloads another script from polycache.com which seems to hijack the login part of the site.

The issue has recently been discussed on Stack Overflow and Linode Community Forums.

Update: Turns out this wasn't an attack, but a "technical error" by a 3rd party that Santander uses. Still no information on who this 3rd party is or why Santander allows 3rd parties to include scripts in their online bank login page.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

9068
 

Share

 
 
 
 
 

Channels

/security
 

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

Join group

220 opinions 46 members

Comments: (0)

Adam Nybäck
Adam Nybäck
System Developer
Anyro
Member since
08 Jan 2008
Location
Stockholm
Followers
0
Following
0
Opinions
4
Unfollow

Android NFC still not for payments

Use of 3rd parties in online banking

What's wrong with the UK?

See all Opinions from Adam

More expert opinions

Dmytro Spilka

Dmytro Spilka Director and Founder at Solvid, Coinprompter

Fintech Innovations Drive Frictionless Tax Efficiency for Investors Through Donation Tools

Naina Rajgopalan

Naina Rajgopalan Content Head at Freo

Anchorage’s Growing Role in Arctic Trade: What It Means for Digital Payments and Fintech

Alex Kreger

Alex Kreger Founder and CEO at UXDA Financial UX Design

Beyond Features: How Rich Digital UX Can Unlock Banks’ True Market Potential

8

Barley Laing

Barley Laing UK Managing Director at Melissa

How to prevent synthetic identity fraud before it strikes

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

23,851
Expert opinions
40,607
Total members
391
New members (last 30 days)
201
New opinions (last 30 days)
29,241
Total comments
Join Sign in

Trending

Nauman Hassan

Nauman Hassan Director at Paymentology

A Rising Tide for Fintech in the UAE: What Revolut’s Entry Really Means

Joris Lochy

Joris Lochy Product Manager at Intix | Co-founder at Capilever

Innovation or Illusion? Belgian’s first Savings Account with daily interest payouts.

Sergiy Fitsak

Sergiy Fitsak Managing Director, Fintech Expert at Softjourn

FinTech Compliance in 2025: The Rules Are Changing — Are You Ready?

Alex Malyshev

Alex Malyshev CEO, Co-founder at SDK.finance, FinTech software provider

From Banks to PSPs: The Push Toward Crypto-to-Fiat Integration

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept