Global Banks Suffer “Pharming” Attacks

A global financial scam ring attacked more than 65 financial institutions and e-commerce corporations worldwide and stole personal information from these companies using a new hacking technology called “pharming.”

Internet security experts and financial circles at home and abroad said yesterday that the hacking first took place in Australia on February 19 and rapidly spread throughout the world, using an average of over 1,000 internet users daily to access sites and steal internet banking IDs and passwords. The U.S. security company “Websense” revealed the above matter on February 22 and those fake sites have been shut down.

The list of the companies, which fell victim to the hackers’ attacks, include world famous global corporations such as a British bank Barclays, a Scottish bank, the American Express Card, Discover Card, the world’s largest auction site eBay, and the global remittance site PayPal.

Though it is still unclear how severely the local industries were damaged by the hacking activities, more than 5,000 PCs in Korea already suffered pharming attacks last year, raising an alarm to financial sectors.

Hackers stole the email address of the Australia’s daily paper, the “Australian,” and sent fake articles to many internet users, saying, “Australian Prime Minister John Howard is in a critical condition, due to heart attack.”

The users who read the e-mail were infected with Trojan Horse viruses, leading to the artificial change of the host file that connects internet addresses. When users visit financial corporations’ sites, they were automatically logged into fake financial companies’ sites where their IDs and passwords were exposed to hackers.

Internet security experts noted that financial damage could have been inflicted on some among thousands of victims.

The CEO of an internet security company Korea Technology Vision, Kim Hyun-seung, said, “The pharming tech found is the same as the one that attacked Kookmin Bank and National Agricultural Cooperative Federation (NACF, Nonghyup) but the technology through which hackers make users move to normal sites after stealing users’ personal information has become more sophisticated,” and added that it was the first time that financial institutions have been attacked on such a large scale.

Security experts remarked, “Many PCs, which were not protected with the latest security patch of their PC’s operating system seem to have suffered hacking attacks and recommended that industries and Internet users constantly update security patches if they are to be protected.