26 May 2017
Paul Penrose


Paul Penrose - Finextra

307Posts 1,315,531Views 246Comments
A post relating to this item from Finextra:

CheckFree Web site hijacked by Eastern European criminals

04 December 2008  |  12173 views  |  0
Ukrainian hackers seized control of two CheckFree Web domains on Tuesday and redirected users to a Web address that tried to install malware on visitor desktops.

CheckFree hack sets off alarm bells

08 December 2008  |  3824 views  |  0

The Washington Post's Security Fix blog has dug a little deeper into the attack on CheckFree's bill payment Website last week.

CheckFree has admitted that hackers had, for several hours, redirected visitors to its customer login page to a Web site in Ukraine that tried to install password-stealing software.

But the company has said little else about the attack and has yet to divulge any further details.

Security Fix cites an anonymous source involved in the investigation who suggests that up to 5000 users were directed to the bogus site during the attack.

More worryingly, both for CheckFree and the bank's that rely on its platforms, is the ease with which the assailants perpetrated the assault.

It appears that the Eastern European crime gang behind the scam obtained the user name and password needed to make account changes at the Web site of Network Solutions, CheckFree's domain registrar.

We can speculate about how this happened - as a result of an inside job, a sophisticated phishing expedition, or a password-stealing Trojan on an infected employee computer.

Network Solution's, Checkfree's domain registrar, will not enter into discussions about the additional security measures in place to protect against such Web site hijackings.

Which raises the distinct possibility that all you need to take ownership of a legitimate, trusted and high-profile Web domain is a single set of user credentials.

As Gartner's Avivah Litan tells Security Fix: "If all that's protecting a bank's Web site is a user name and password, that's kind of like having a massive vulnerability in the core of the Internet. This could have been a lot worse, and if they can do it to CheckFree, they can do it to other banks."

TagsSecurityRetail banking

Comments: (0)

Comment on this story (membership required)

Latest posts from

Paul's profile

job title Head of Research
location London
member since 2007
Summary profile See full profile »
I'm responsible for editorial content and quality control across the full range of Finextra media.

Paul's expertise

Member since 2006
307 posts246 comments

Who's commenting on Paul's posts