chidyke77:

I actually noticed that yesternite bt went on to do my transaction wtout knowing the implication. I started having fear after reading frm here that it has bn hacked bt to subdue my fear i decided to call their customer care line and the guy that picked it told me that its just a minor issue they hv fixed. I asked if am safe wt the transaction i did yesday and he said i shouldn't panic that am safe and right nw everytin is okay. My first point of call is to check my acct balance which is stil intact.

Do not take his word for it. Most of the bank's staff don't even understand what happened. Only the IT security guys know and they're not allowed to divulge info about it. If I were you, I would immediately change my PIN and any other credential associated with my account with them. Since they have refused to admit the fact that they were compromised, rest assured that they will not be held liable should anything happen to the funds in your account.

webstradamus:

Do not take his word for it. Most of the bank's staff don't even understand what happened. Only the IT security guys know and they're not allowed to divulge info about it. If I were you, I would immediately change my PIN and any other credential associated with my account with them. Since they have refused to admit the fact that they were compromised, rest assured that they will not be held liable should anything happen to the funds in your account.

tnks a lot, i hv to change my password immediately.

I experienced it 2 days ago and yesterday.
I had to make a very important transfer so I had to look for a way around.
I observed that the problem existed in Chrome and Mozilla browsers, so I tried Explorer and it worked without problems.

Funnily, I called GTBank to report the incident and the customer care representative said he hasn't gotten any reports of that nature, which I could tell he was lying cos he went ahead to assure me that it would soon be resolved.

However since then, I have been checking my account balance regularly!!

Isn't good at all for a banks we repose so much trust in.

PapaBrowne:

I experienced it 2 days ago and yesterday.
I had to make a very important transfer so I had to look for a way around.
I observed that the problem existed in Chrome and Mozilla browsers, so I tried Explorer and it worked without problems.

Funnily, I called GTBank to report the incident and the customer care representative said he hasn't gotten any reports of that nature, which I could tell he was lying cos he went ahead to assure me that it would soon be resolved.

However since then, I have been checking my account balance regularly!!

Isn't good at all for a banks we repose so much trust in.

Damn!! The attack was targeted at machines running IE6 - IE8.

I'm sorry for you if you experienced abnormalities and still used it anyway. You could have used an unsecured session displaying your details to a 3rd party.

the website http://www.gtbank.com/ is working perfectly well here, could it be that the so called hijack has been resolved? i just came across this message now and checked the site and all things proved to be normal including the internet banking, so i guess u should try again bro

webstradamus:

Damn!! The attack was targeted at machines running IE6 - IE8.

denzel2009:

I'm sorry for you if you experienced abnormalities and still used it anyway. You could have used an unsecured session displaying your details to a 3rd party.

8figure:




@webstradamus
You are absolutely correct, and the guy was glad that it later opened with the most vulnerable set of browsers.

I had to make the transaction. I didn't have a choice but to take the risk. What gave me confidence is the extra security provided by the little device called the token. My account is safe. But I have moved funds out of it to my other accounts. Asides, if anything happens, GT would have to pay for it.

PapaBrowne:

Asides, if anything happens, GT would have to pay for it.

LOL. You'll be on a long thing. And then, you will not be able to prove that it was their negligence and not your ignorance that caused the loss.

logica:

LOL. You'll be on a long thing. And then, you will not be able to prove that it was their negligence and not your ignorance that caused the loss.

I was about to tell him to read about the concept of non-repudiation

denzel2009:

I was about to tell him to read about the concept of non-repudiation

If you use the service normally and due to GTB's vulnerabilty the connection is compromised then using this same concept of Non-Repudiation its
GT thats at fault

It is phishing not actually server attack.
Those guys with .tk extension are actually fond of that, they will send you info ( I received a mail to this effect last week), that you should confirm your bank details by clicking here ( A link to supposed GTBbank website) that will then direct you to their dubious website, similar to the internet platform of GTB.

On careful look, you will discover that the address in the address bar is not reading GTB , but the phising website.tk or like. All they want is your internet banking details, but they are yet not too wise.

E cash:

It is phishing not actually server attack.
Those guys with .tk extension are actually fond of that, they will send you info ( I received a mail to this effect last week), that you should confirm your bank details by clicking here ( A link to supposed GTBbank website) that will then direct you to their dubious website, similar to the internet platform of GTB.

On careful look, you will discover that the address in the address bar is not reading GTB , but the phising website.tk or like. All they want is your internet banking details, but they are yet not too wise.

Are you for real?

If the 'phisher' get my Internet banking details, how will they generate my token numbers necessary for most transactions on Gtb platform?

The token has not worked since last night!

They still better than others and the hack will not affect any bodies account.

@OP - I think GTB did a site maintenance yesterday, but i later gain access to their website in the evening and i succeeded with my transaction via internet banking

Yes @  webstradamus  I am for real, infact realer   , I can forward to you the mail that these guys sent to me, I still have it in my box.

@ Kclas, that is why i said they are not too wise, there are other security gates that they can not even smell, besides the Id they are taken through phising, be that as it may they can still wreck some havoc without the token.

oche_ejemb:

If you use the service normally and due to GTB's vulnerabilty the connection is compromised then using this same concept of Non-Repudiation its
GT thats at fault

If GT bank haven't come out to publicly disclose that their systems were compromised like reliable companies like Sony, VISA and PayPal did, it's your word against theirs.

You'd be told you have been a victim of phishing attack or your computer is a zombie within a botnet. Your money don go tey tey

I have heard horror stories of people receiving text messages of fraudulent transfers from their accounts over the week-end and they haven't been refunded cos GT bank could not establish they were fraudulent transactions.

Stay safe bro!

I don't think there was any attack or their system was compromised. I think it's just a network irregularity for few hours. I experienced it and after some refreshing, I carried out my transactions smoothly.

I can't transfer. Keeps telling me the token generated is not valid, that I should keep trying.

y always gtb!!!

Plz can someone post the contact details or location of GTB's IT department. I have uncovered a potential flaw with their electronic banking portal that I need to inform them about.

Looks like they're doing a total cleanup of the infected files right now. And to think no official statement has been given regarding the incident? I'm really disappointed in them. Honesty should be a major virtue in banking!!!

Yes @  webstradamus  I am for real, infact realer   , I can forward to you the mail that these guys sent to me, I still have it in my box.
@ Kclas, that is why i said they are not too wise, there are other security gates that they can not even smell, besides the Id they are taken through phising, be that as it may they can still wreck some havoc without the token.
------------------------------------------------------------------------------------------------

E Cash, I ask you again, are you for real? Let me answer that, you're not! When you personally type the domain name into your address bar and get redirected, that's pharming not phishing. When some bloke sends you an email purporting to come from your bank, and asking you to click on a (bogus) link, that's phishing.
For the records, the site was actually hijacked but I didn't find any malicious code on the attacker's server during my analysis.
I think it was just some sort of denial-of-service attack. The site was down for no less than 14hrs on Wednesday (9:30 - 23:30).
I checked back briefly yesterday morning  but found no malicious iframe on their landing page anymore.
As someone said, what disappointed me most is that GTB did not have the decency to explain the outage or apologise to the impacted customers by putting some message on their website. I understand the possible impact that might have had on consumer confidence, but their PR dept could have worked with IT / IT Security to put some sort of spin on the whole episode. Keeping quiet and pretending nothing happened just makes people lose trust in the bank

@Webstradamus,
Thanks for that screenshot. This is so disgraceful. A popular customer-facing site?
I mean, they should have a default "site down for maintenance" banner to put up whenever any clean up activity is ongoing. How can they possibly deny the outage after being caught pants down as above?  As you rightly said, they're dishonest.
I'll advise every user of their online banking service to assume their PC is infected already and use a live linux CD for their banking activities. Two-factor authentication is already susceptible to man-in-the-browser (MITB) attack, so dont let your little token give you a false sense of security.

Anyone willing to know more about live CD can email security@digiss.net

Hey guys! Check this out, Could this be what happened or was to happen to GTB's website?
Someone said he got through during the time of this said attack, I hope he's checked his details properly,

http://www.bbc.co.uk/news/technology-16812064

This attack is against the kind of mechanism GTB uses, the autogenerated token

This isn't a pretty picture hope they have recovered now.

Too bad