Konversbank website was attacked
The network has information that the attackers took the old Conversbank domain http://conversbank.com and posted there information about the alleged insolvency of the bank.
')
Despite the fact that www.konversbank.ua is now the official site of Konversbank, it still has links to the old domain, in particular, feedback on the page www.konversbank.ua/contacts/callback.htm leads to the attacked domain conversbank.com .
In addition to a large number of errors on the site, it also has the simplest XSS vulnerability:
http://www.konversbank.ua/search.htm? search = " "> <% 2Fimg> <script
Therefore, I would, for now, caution bank customers to use this site for online banking, advice and feedback.
“On April 9, we launched an updated version of the site. The old domain was left without our support, and a hacker attack was immediately carried out on it, which resulted in information that did not correspond to reality. The only official site of the bank is www.konversbank.ua , ”reports Lesya Alekseenko, a specialist in the Corporate Identity and Communication Service of Converse Bank. In connection with the disseminated information, the bank filed an application to law enforcement agencies.
')
Despite the fact that www.konversbank.ua is now the official site of Konversbank, it still has links to the old domain, in particular, feedback on the page www.konversbank.ua/contacts/callback.htm leads to the attacked domain conversbank.com .
In addition to a large number of errors on the site, it also has the simplest XSS vulnerability:
http://www.konversbank.ua/search.htm? search = " "> <% 2Fimg> <script
Therefore, I would, for now, caution bank customers to use this site for online banking, advice and feedback.
Source: https://habr.com/ru/post/141921/
All Articles