We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Do not login to A&L this morning - HACKED
Comments
-
WUM anyone?Thinking critically since 1996....0
-
-
If anyone wants to follow the trail take the javascript link from line 7 of A&L login page, load it and paste it into jsbeautifier, this will reveal the second js file, paste that into jsbeautifier and you'll see something clearly malicious. Im sorry its not being reported yet. ?
I think Santander/Abbey might be a different system but Santander/A&L is definitely affectedWUM anyone?
Sorry nothing to gain from this. My account is with A&L and I dont want to see people at loss with this, in addition I dont want it covered up neither. If im a blagger you'll know for sure later today0 -
If anyone wants to follow the trail take the javascript link from line 7 of A&L login page, load it and paste it into jsbeautifier, this will reveal the second js file, paste that into jsbeautifier and you'll see something clearly malicious. Im sorry its not being reported yet. ?
I think Santander/Abbey might be a different system but Santander/A&L is definitely affected
Yes, all these different institutions listed in the code suggest something is afoot (and for once it's not my manhood!):http:\':\'V:\',x=\'allianceleicester\',k=\'18557\',l=\'v4.0\',m=\'ak\',n=Q,o=\'&U3=bankofamerica.7&U1=yahoo.7&U13=ebanking.W.7.hk/1/2/logon&U4=.abbeynational.9.E/EBAN_ENS/&U5=banking.firstdirect.7&U6=discovercard.7/cardmembersvcs/achome/homepage&U7=citibank&U9=.americanexpress.7/myca/acctsumm/us/&U2+U8=X.wellsfargo.7/das/Y-bin/session.Y&U12=halifax-X.9.E&U18=wachovia.7&Uo=banquepopulaire.fr/&U16=..de/Z/Z/&U11=.pncs.7.au/806015v47/&U21=ulsterbankanytimebanking./10.aspx&U15=ruralvia.7/10&U10=santander.cl/transa/segmentos/welcome.asp&U20=npbs.9.E&U14=coventrybuildingsociety.9.E&U17=.W.9.E/1/2/personal/&Uz21=/cmserver/verify.cfm&U19=.mybank.alliance-leicester
0 -
-
I believe advanced-web-analytics.com is something to do with that Rapport software0
-
glider3560 wrote: »I believe advanced-web-analytics.com is something to do with that Rapport software0
-
mr_fishbulb wrote: »But what is polycache.com?
That is the question, from what I can tell A&L do usally have the https://www.advanced-web-analytics.com/18557/splash.js code. So if anything has been comprised it is this server.0 -
Is this right? I can see advancedwebanalytcis in the RBS page as well?0
-
Here's what I've just been told.
While I am not able to go in to specifics regarding the activity, it appears the code was placed there willingly by the bank. Due to a misconfiguration these errors occurred. I was informed that the misconfiguration should be resolved and everything should be all set.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 348.2K Banking & Borrowing
- 252.1K Reduce Debt & Boost Income
- 452.3K Spending & Discounts
- 240.7K Work, Benefits & Business
- 617K Mortgages, Homes & Bills
- 175.6K Life & Family
- 253.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards