The web site of Bank of India, closed after being hacked on Friday, has been restored.
Sunbelt Software, a provider of security software in Clearwater, Florida, had on Thursday alerted users on its blog that the bank's site had been compromised and was dispensing malicious code, and advised them not to visit the site.
Unidentified hackers had inserted malicious code into the bank's main web page, a senior employee familiar with the situation said on Tuesday, speaking on condition of anonymity. The bank's designated spokesman on this issue was not immediately available for comment.
As a result, persons coming to the bank's website were likely to be temporarily redirected to another site where Trojans and other malware were downloaded onto their computers, the employee said. The user was then brought back to the bank website.
The bank's IT staff thought they had the situation under control Friday morning, until they found that each time they changed the index page for the website, it was immediately replaced by the hackers. The bank then decided to bring the website down.
"The website was hosted externally by a hosting company in the US," the employee said. The bank has since changed the company hosting the service, though the employee clarified that the change in hosting provider had been on the cards even before the hacker attack.
The attack on the website did not however affect the bank's online banking operations, according to the employee. The bank's customers access online banking services through a link on the home page of the bank's website. The online banking service is provided to users from well-protected servers hosted and monitored within the bank by HP, the employee said.
The bank is as yet not clear about the identity of the hackers, although Sunbelt suggested in its blog that it was a criminal gang, called the Russian Business Network (RBN). "We have called for the logs from the hosting provider in the US, and we may have some definite information then," the employee said.