Thursday, December 04, 2008

CheckFree Hijacked, Used To Spread Malicious Software

On Tuesday hijackers took control of CheckFree's DNS records and redirected the site to their own servers.

The site was redirected at around 12:30 a.m. Eastern Time on Tuesday after someone logged into CheckFree's Network Solutions account and changed the domain's DNS settings, said Susan Wade, a Network Solutions spokeswoman. "Somebody got hold of the customer's login information," she said. "I don't know how they got access."

It took several hours for CheckFree to regain control, during which time the hijackers used the redirect and the CheckFree domain name to push malicious software onto victims' computers.

"During the incident, users would have seen a blank page if they were redirected to the non-CheckFree site. Those with up-to-date security software would likely have received a message indicating a malware download attempt had occurred," the company said. "If the user's anti-virus software was out of date or they did not have anti-virus software installed, they may have been subject to a malware software download."

Anyone who uses the CheckFree site or has visited it over the last few days is advised to run anti-virus scans and malware scans, and to double-check for updates to their Adobe products.

News of the CheckFree hack was first reported in The Register after a reader noticed a problem with the Web site.


For more information on the CheckFree hijacking, check out this article: "Digging Deeper Into The Checkfree Attack"

1 comment:

  1. Anonymous, 7:50 AM

    So, according to this article, CheckFree KNOWINGLY allowed its customers to be subjected to malware downloads for over 5 hours and provided NO notification to individuals and corporations doing business with them.

    This is unconscionable behavior. They should be held legally liable for the expense of cleaning up individual PCs as well as the expenses of PR campaigns that need to be undertaken by their corporate customers that re-sold their service.

    I do believe that individual users should be responsible for keeping up to date Anti-Virus, Anti-Spyware, and other security measures in place. But, someone in this company made a conscious decision to withhold this information from its business partners. Given that, there should be repercussions for their actions. At the very least, I hope that they lose customers.

