For five hours in October 2016, hackers totally took over the electronic presence of a major Brazilian bank. All of the bank's desktop and mobile sites were redirected to copies run by the hackers. They may have redirected traffic from ATMs as well. The takeover appears to have been total: the hackers had HTTPS certificates issued in the bank's name, and even planted malware in a security plugin the bank offered its customers. The bank couldn't even send e-mails to notify people what was happening.

According to Kaspersky, the unknown group broke into the bank's account with the top-level Brazilian domain registrar and re-directed the bank's DNS entries to their own servers, hosted on Google Sites.



posted by johnnyFive: 560 days ago