We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Do not login to A&L this morning - HACKED
Options
Comments
-
WUM anyone?Thinking critically since 1996....0
-
-
If anyone wants to follow the trail take the javascript link from line 7 of A&L login page, load it and paste it into jsbeautifier, this will reveal the second js file, paste that into jsbeautifier and you'll see something clearly malicious. Im sorry its not being reported yet. ?
I think Santander/Abbey might be a different system but Santander/A&L is definitely affectedWUM anyone?
Sorry nothing to gain from this. My account is with A&L and I dont want to see people at loss with this, in addition I dont want it covered up neither. If im a blagger you'll know for sure later today0 -
If anyone wants to follow the trail take the javascript link from line 7 of A&L login page, load it and paste it into jsbeautifier, this will reveal the second js file, paste that into jsbeautifier and you'll see something clearly malicious. Im sorry its not being reported yet. ?
I think Santander/Abbey might be a different system but Santander/A&L is definitely affected
Yes, all these different institutions listed in the code suggest something is afoot (and for once it's not my manhood!):http:\':\'V:\',x=\'allianceleicester\',k=\'18557\',l=\'v4.0\',m=\'ak\',n=Q,o=\'&U3=bankofamerica.7&U1=yahoo.7&U13=ebanking.W.7.hk/1/2/logon&U4=.abbeynational.9.E/EBAN_ENS/&U5=banking.firstdirect.7&U6=discovercard.7/cardmembersvcs/achome/homepage&U7=citibank&U9=.americanexpress.7/myca/acctsumm/us/&U2+U8=X.wellsfargo.7/das/Y-bin/session.Y&U12=halifax-X.9.E&U18=wachovia.7&Uo=banquepopulaire.fr/&U16=..de/Z/Z/&U11=.pncs.7.au/806015v47/&U21=ulsterbankanytimebanking./10.aspx&U15=ruralvia.7/10&U10=santander.cl/transa/segmentos/welcome.asp&U20=npbs.9.E&U14=coventrybuildingsociety.9.E&U17=.W.9.E/1/2/personal/&Uz21=/cmserver/verify.cfm&U19=.mybank.alliance-leicester
0 -
-
I believe advanced-web-analytics.com is something to do with that Rapport software0
-
glider3560 wrote: »I believe advanced-web-analytics.com is something to do with that Rapport software0
-
mr_fishbulb wrote: »But what is polycache.com?
That is the question, from what I can tell A&L do usally have the https://www.advanced-web-analytics.com/18557/splash.js code. So if anything has been comprised it is this server.0 -
Is this right? I can see advancedwebanalytcis in the RBS page as well?0
-
Here's what I've just been told.
While I am not able to go in to specifics regarding the activity, it appears the code was placed there willingly by the bank. Due to a misconfiguration these errors occurred. I was informed that the misconfiguration should be resolved and everything should be all set.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards