back to article Worldwide bank attack blitz linked to Sony Pictures hacking crew

Evidence has surfaced that hackers blamed for the infamous Sony Pictures hack and the notorious Bangladesh Central Bank account heist have launched a fresh wave of assaults. The so-called Lazarus hackers are currently targeting scores of banks and other organisations across 31 countries, Symantec warns. The attacks appeared …

  1. Crazy Operations Guy

    "The attackers appear to be using compromised websites"

    There should be some kind of certification process required before a website is allowed on the internet. Even basic questionnaire would suffice, something along the lines of:

    -Does the website run as root?

    -Are any of the website's resources marked as 777 (Or anything else idiotically loose like that)?

    -Are users allowed to upload files with +x permissions?

    -Is the admin page accessible by everyone?

    Any of those should be grounds for the website being denied from serving pages to the world. It bothers me how many websites out there are set up where the process serving pages is also granted permissions to modify the files it is serving or even files outside of the website's directories. Or in some cases, CGIs that run as root and have both write and execute turned on.

    1. Anonymous Coward
      Anonymous Coward

      Re: "The attackers appear to be using compromised websites"

      I cannot imagine how in the world you would monitor or enforce that.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like