Bangladesh government domain turned into toxic phishing hole
.gov.bd sites used by parties unknown to spawn phish from UK host
Netcraft security man Paul Mutton says Bangladesh Government websites have been used in banking phishing attacks targeting customers of Wells Fargo, Google, and AOL.
The domains are restricted Government assets, and Mutton says their abuse could indicate lax security controls.
The popped server is located in the UK, hosted by Nibs Solutions, and none of the affected phishing sites are located in Bangladesh, he says.
Mutton says the campaign has been running unabated for more than a week.
"After more than a week since this spate of phishing attacks started appearing on UK-hosted .gov.bd sites, none of the fraudulent content has been removed," Mutton says.
"The presence of multiple live phishing sites on the affected server, and the fact that the previous compromises have not yet been cleaned up, suggests that whatever security vulnerabilities might have affected the server are yet to be resolved."
The attacks are significant for the Bangladesh Government. The country has a mere 30,000 public .bd websites for a population of 156 million.
It makes the ratio of legitimate to phishing sites about one in 100.
Users should never log into banking services after following links or application prompts, and should only access accounts through the trusted official site.