Malaysia: Hacker uses bogus Maybank site : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Wednesday, August 23, 2000 Hacker uses bogus Maybank site

By Raslan Sharif PETALING JAYA: A hacker is believed to have tried to dupe Internet users into giving away their private financial information by posing as an online executive at Maybank Bhd.

Over the weekend, several Internet users began receiving e-mail purportedly from a Maybank online executive promoting services and offering free "Maybank2u online tools'' that could be downloaded from, a bogus website.

The Star was informed of the hacking attempt by a reader, who also provided a copy of the e-mail.

In an official response to enquiries, Maybank on Monday said that maybank2u.rvx was not its website and that the e-mail was fake.

The bank advised users who received the e-mail to "delete it without accessing the said address or opening any attached files as this could initiate a virus which would affect the user's computer.''

Internet users who accessed the address would have been redirected to another website that automatically prompted users to download a compressed file, also known as a zip file, onto their personal computers.

The zip file, named, contained two programs or executable files, one of which was a malicious program called a "Trojan horse.''

A Trojan horse is a destructive program that masquerades as a benign application.

Internet user Jason Chong of Johor Baru, who was among the first to alert other users of the hacking attempt, suspected that the Trojan horse operates by fooling users into divulging confidential information, such as their ATM personal identity number (PIN), then saving it in a hidden file.

"The program may have the capability of opening a channel from a victim's PC to the hacker whenever the victim is online,'' Chong said.

This channel can then be used by the hacker to collect information saved in the hidden file, and other "useful'' information contained in the PC, said the 25-year-old part-time student at Informatics College.

A copy of the files has been sent to the Malaysian Computer Emergency Response Team for further analysis.

-- Martin Thompson (, August 23, 2000

Moderation questions? read the FAQ