On Wednesday, hackers of the controversial group AnonGhost announced breaching and defacing the website of Yorkshire Bank, a commercial bank in UK. However, after analyzing the hack attack, experts have determined that the hackers actually defaced a well-designed phishing site.
Yorkshire Bank is a division of Clydesdale Bank, a subsidiary of National Australia Bank. At first glance, the phishing site looks legitimate. Most of the pages are working and it’s hosted on ybs-bank.com.
However, it doesn’t have anything to do with Yorkshire Bank. As experts from the University of Cambridge highlight, the Yorkshire Bank’s legitimate site is hosted at ybonline.co.uk. The ybs-bank.com domain was registered back in 2011 by an individual in Malaysia.
The phishing website tries to replicate the Clydesdale Bank website (cbmarkets.co.uk). The phishing domain doesn’t show up in top Google search results. However, a user lured to the malicious site via a spam campaign could be tricked into thinking that it’s legitimate.
At the time of writing, the phishing site is still defaced.
AnonGhost has hacked and defaced a lot of websites. However, most of their claims are highly exaggerated, many of their targets being the websites of small companies that don’t invest in security. In addition, many of their hacks have turned out to be fake.