One of Brazil's biggest banks has suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware, according to an unconfirmed report. According to this Google translation of an article penned in Portuguese, the redirection of Bradesco was the result of what's known …
"went on to suggest that customers who were paying attention would have noticed Bandesco's secure sockets layer certificate generated an error when they were redirected to the fraudulent login page."
I doubt that. If the domain name matched the certificate (which it would have, since it is the IP address that gets changed), there would have been no error.
But the spoof site wouldn't have had a kosher certificate with the domain hence the error.
There a great mistake in the article:
"about 1 percent of the bank's customers were affected by the attack"
The correct is: Virtua said that 1% of their customers was afected by this incident, not the customers of Bradesco Bank.
If this brazilian banks implements SSL in the first page, the customers can discover the attack more easily.
- Top Gear Tigers and Bingo Boilers: Farewell then, Phones4U
- Breaking Fad 4K-ing excellent TV is on its way ... in its own sweet time, natch
- First Irish boy band U2. Now Apple pushes ANOTHER thing into iPhones, iPods, iPads
- Updated iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
- Stephen Pie iPhone 6: Most exquisite MOBILE? NO, it's the Most Exquisite THING. EVER