When you log into a bank website, you probably don’t spend too much time worrying about the security of your information, right? How would you feel if a bank’s entire online presence had been compromised and was sending you malware?
That’s what happened to one Brazilian bank. It wasn’t just hacked or hijacked; it lost control and was completely infiltrated. A hacker group was able to take over its DNS, email and a few dozen domains owned by the bank, and put them to nefarious use.
The hackers were able to take over 36 domains owned by the bank, including its mobile and point-of-sale sites. Customers were prompted to enter their credit card information on spoofed pages. Some pages were sending customers malware.
How did this happen? It appears that an employee with access to the company’s DNS tables was spearphished, meaning they received a targeted fraudulent email that tricked them into giving up sensitive information.