Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,194,194 members, 7,953,699 topics. Date: Thursday, 19 September 2024 at 11:51 PM

GTBank Website Has Been Hijacked? - Webmasters - Nairaland

Nairaland Forum / Science/Technology / Webmasters / GTBank Website Has Been Hijacked? (11298 Views)

Is This A Pirated Gtbank Website? / Gtbank Website Hacked / Gtbank Website Review (2) (3) (4)

(1) (2) (Reply) (Go Down)

GTBank Website Has Been Hijacked? by rejoice3: 1:16am On Feb 15, 2012
http://www.digiss.net/resources/blog/entry/gtbankdotcom-hijacked-qshop-closed-please-come-back-laterq

Having got back from the office after a lengthy & busy couple of days, I settled down to watch Barcelona destroy Bayern Leverkusen in the Champions League. Midway through the one-sided match, I got a call from a friend who asked me to check whether I could access GTB's website from my PC. He complained that he had been trying for the past 12 hours without any joy! My initial suspicion was: either his PC was having issues, or his ISP's DNS servers were screwed but it turned out that I was wrong!

I was least expecting that, even if their website had been hijacked, GTB would not have the requisite recovery capabilities to ensure that the site comes back to life within minutes. Anyway, I decided to see things for myself by jumping on my little malware analysis toy laptop. Well, I did indeed find that the site was redirecting my traffic all over the place. The redirection path is thus: mylife.tk=>domain.dot.tk=>search discovered.com=>searchmagnified.com=> (, etc, etc, ) =>cdn.optmd.com.

Even Afrikeo had a pop at them!

How good is this for business? Well, let's imagine that 1000 online transactions of an average value of 10,000 Naira occur on GTB's website every hour. It means that the company loses N10,000,000/hour in transactional value. However, assuming that the site went down just before my friend accessed it at 0900GMT (and still hasn't recovered up till now, which it hasn't) they would have lost N150,000,000 in transactional value. I am not a banker, but assuming the profit margin on this volume is 5%, this represents a loss of N7,500,000. Ok, that's just about enough to pay the annual salary of a middle management staff, but this is an unwanted loss that could have easily been prevented. Besides, GTB's reputation and the confidence of their customers would have taken a bit of a hit, which we cannot put a Naira amount to!

Let's hope our financial organisations learn fast.

Back to the attack; going by my quick analysis, the attacker is focusing on his primary target which is GTBank. User's (secondary targets) are not currently being re-directed to websites hosting malicious codes, but that can change anytime. Before you visit the website, make sure you check the state of your browser and it's plugins here - and do the needful if need be - just in case you're redirected to a website hosting malicious exploit kits

Currently, it looks like a denial of service attack where the attacker is demanding a ransom before handing control of the website back to the legitimate administrator - this is the kind of deep mess you can find yourself in if you fail to guide your critical assets jealously.

One can also make so many educated guesses as to the cause of this incident. The domain does not expire until March 2016, so this isn't the cause of the re-directs. There is a fair chance that the site is running a vulnerable version of Apache which has been exploited as Netcraft shows that the last change (to the site's Apache web server app) occurred yesterday.

Anyhow, let's watch how this event unfolds and hope that our dear GTBankDOTcom recovers on time - I need to do some online banking fast
Re: GTBank Website Has Been Hijacked? by denzel2009: 2:14am On Feb 15, 2012
Easy conclusion is that they dont have good disaster recovery plans.
Re: GTBank Website Has Been Hijacked? by srivastava(m): 12:29pm On Feb 15, 2012
Is it hijacked??
Re: GTBank Website Has Been Hijacked? by Dyt(f): 2:49pm On Feb 15, 2012
since tey tey
Re: GTBank Website Has Been Hijacked? by POTUT(m): 2:55pm On Feb 15, 2012
http://www.gtbank.com/ is back online. Just visited it and there were no redirects.
Re: GTBank Website Has Been Hijacked? by suolboy(m): 3:00pm On Feb 15, 2012
The website was not hijacked as at yesterday, because i personally accessed the website and carried out transaction. So i don't know for u guy.
Re: GTBank Website Has Been Hijacked? by logica(m): 3:03pm On Feb 15, 2012
It is what happens when you put incapable people in charge of critical functions. I do remember once back in 2007 when a friend tried getting cash from a GTBank ATM and the console showed a Windows desktop running a virus scan and an alert indicating the computer was infected with some worm. Of course all the ATMs we went to that night showed the same desktop since they are all terminals to a single computer unit.

To add to this, I am aware of a vulnerability in JBoss and there was a security release on the issue several months back. I am sure if you check all the companies running JBoss in this country, none would have been updated as those in charge are completely unaware.
Re: GTBank Website Has Been Hijacked? by Ultrame(m): 3:04pm On Feb 15, 2012
!rejoice:

http://www.digiss.net/resources/blog/entry/gtbankdotcom-hijacked-qshop-closed-please-come-back-laterq

Anyhow, let's watch how this event unfolds and hope that our dear GTBankDOTcom recovers on time - I need to do some online banking fast


^^^^^^
It's back online but the normal flash animations are not loading. I wouldn't login to the internet banking yet if I were you.
Re: GTBank Website Has Been Hijacked? by logica(m): 3:05pm On Feb 15, 2012
suolboy:

The website was not hijacked as at yesterday, because i personally accessed the website and carried out transaction. So i don't know for u guy.

Not to say the OP had a completely different issue (especially since I did not verify myself), but WHEN (as in what time) yesterday did you access the site?
Re: GTBank Website Has Been Hijacked? by megawax8: 3:09pm On Feb 15, 2012
dnt kno if to clap for d hackers or fil bad for d bankers, i so nid to learn dis grin
Re: GTBank Website Has Been Hijacked? by Koolking(m): 3:12pm On Feb 15, 2012
GTB website seems vulnerable to cyber-terrorists. Every now and then the site is reported being hacked. One needs to be aware of how a phishing sites looks like hence one risks giving out his personal details ignorantly.
Re: GTBank Website Has Been Hijacked? by Koolking(m): 3:19pm On Feb 15, 2012
suolboy:

The website was not hijacked as at yesterday, because i personally accessed the website and carried out transaction. So i don't know for u guy.


I just checked http://www.gtbank.com, not found

Are you sure you were not directed to a phishing site? If you were then I have no doubt that the hackers had achieved their aim. You may wish to change your (Internet banking) logins while you can
Re: GTBank Website Has Been Hijacked? by Baawaa(m): 3:20pm On Feb 15, 2012
And we are talking of cashless society
Re: GTBank Website Has Been Hijacked? by chmod777: 3:29pm On Feb 15, 2012
Trust be they are back but now on a dot 35 IP which is local to naija. and seemingly OS with unknown signature, seems better. wink wink
no redirect.it is OK
Re: GTBank Website Has Been Hijacked? by goggs(m): 3:30pm On Feb 15, 2012
Yes i can confirm that it was down yesterday.  I tried to execute a transfer and each time I clicked on the internet banking log on it redirects to one funny portal .tk

I backed out after three attempts. I am really scared of Gtbank.com now. I carry out tons of money transactions and now I don't feel safe on the site any more.

I would rather join the queues at the bank or move to UBA internet banking
Re: GTBank Website Has Been Hijacked? by onenija: 3:33pm On Feb 15, 2012
These are reasons why First bank are far ahead of GTB

First Bank winning the most Innovative Bank in Africa is not a fluke because They are the

First to introduce ATM cash deposit in Nigeria.

First to Introduce ATM biometric

First to introduce automated cheque confirmation

First to bag ISO/IEC 27001 for Information Security Management system

First to bag BS 25999-2:2007 for Business continuity Management

No wonder they are the No. 1 Brand in Nigeria.

though I must admit that GTB is better in terms of Customer Service and Efficiency.
Re: GTBank Website Has Been Hijacked? by Nextworldnx(m): 3:39pm On Feb 15, 2012
I noticed that since yesterday, I will love to advise u guys to stay-off using the site(even if it comes up again) for d main time,as it might just re-directs u to a phishing site and all ur sensitive details will end up in d wrong hands. Please dont panic as leading brand images are top target of hackers, i‘m quite GTB‘s server administrators are quite up to d task
Re: GTBank Website Has Been Hijacked? by babaowo: 3:44pm On Feb 15, 2012
@Baawaa, don't mind them,cashless societ ko?, cashlost sosoyeye nii,
Re: GTBank Website Has Been Hijacked? by Davidbanky(m): 3:44pm On Feb 15, 2012
I recievd a mail from them telling ♏ξ †ђa† i shld upgrade my acount,when i dnt have an account with them , I suspected immediately
Re: GTBank Website Has Been Hijacked? by mbulela: 3:47pm On Feb 15, 2012
Nextworldnx:

I noticed that since yesterday, I will love to advise u guys to stay-off using the site(even if it comes up again) for d main time,as it might just re-directs u to a phishing site and all ur sensitive details will end up in d wrong hands. Please dont panic as leading brand images are top target of hackers, i‘m quite GTB‘s server administrators are quite up to d task
we keep hearing that all the time but i am not impressed.
they need to sit up.
Re: GTBank Website Has Been Hijacked? by Jarus(m): 3:54pm On Feb 15, 2012
I used GT online portal yesterday. Although I first experinced a little hiccup, redirecting, the site eventually opened after couple of trials and I did my transaction validly.
Re: GTBank Website Has Been Hijacked? by badesco(m): 4:06pm On Feb 15, 2012
The site is not accessible as 3.30pm. i mean  this afternoon. May be they are upgrading their site or something. You can try later.
Re: GTBank Website Has Been Hijacked? by Pelumiv(m): 4:17pm On Feb 15, 2012
check it on my phone now its same same.
Re: GTBank Website Has Been Hijacked? by energylink: 4:27pm On Feb 15, 2012
Baawaa:

And we are talking of cashless society

MY BROTHER, SEE TROUBLE O.
Re: GTBank Website Has Been Hijacked? by neeyee88: 5:05pm On Feb 15, 2012
I experienced the same yesterday here in Canada trying to access my account online and i got his re-direction times without number but i never followed the link, i actually tot it was network jam (which is quite common in Nigeria). owever, I retried it this mony and I had access to my accounts pronto, hope the bank strategises and be more vigilant becos GTB is a very big and well known bank all over the world so this carelessness is not excusable.
Re: GTBank Website Has Been Hijacked? by Tolulop001(f): 5:08pm On Feb 15, 2012
I noticed some funny activity too on their site, i tried to do an online transfer but backed out

these reports about GT being vulnerable is not good oh, i hate going to the banking hall and I conduct about 95 % of my transactions

online and POSs
Re: GTBank Website Has Been Hijacked? by webstradamus: 5:41pm On Feb 15, 2012
I'll advise y'all to stay clear of using the GTB website for now. It was actually infected with malware in a Blackhole Toolkit Website 14 Attack. Until GTB gives an official account of the incident and inform of us of what steps they took to manage it, I think y'all shouldn't use the website (especially for transactions).
Re: GTBank Website Has Been Hijacked? by scopusng(m): 6:34pm On Feb 15, 2012
Experienced same wahala yesterday but seems okay now.
loading . . . . .
Re: GTBank Website Has Been Hijacked? by chidyke77(m): 6:40pm On Feb 15, 2012
I actually noticed that yesternite bt went on to do my transaction wtout knowing the implication. I started having fear after reading frm here that it has bn hacked bt to subdue my fear i decided to call their customer care line and the guy that picked it told me that its just a minor issue they hv fixed. I asked if am safe wt the transaction i did yesday and he said i shouldn't panic that am safe and right nw everytin is okay. My first point of call is to check my acct balance which is stil intact.
Re: GTBank Website Has Been Hijacked? by chidyke77(m): 6:40pm On Feb 15, 2012
, ,

(1) (2) (Reply)

How To Report A Blog That Stole Your Content / Cosmo, The Hacker ‘god’ Who Fell To Earth - MUST READ (PART 2) / My Former Website Hosting Company Is Holding Me To Ransom

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 40
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.