In the target of the Greek hacker Kondor seems to have been reportedly reported by the Greek Banks as a whole, and not only for a few days. Few days after the "mowing" of Greek debt and just after the attack that took place against Probank by pumping a password file, the "hyperactive" Greek hacker Kondor behaves to move on even more aggressively. Its goal this time, according to a statement by one of 3's largest Greek banks, namely Piraeus Bank! Kondor is reported to have acquired <...>
The message reports passwords to the above systems (administrator rights)
domain login accounts
pass: XXXXXX& e (
However, according to his statement, which can not be confirmed by SecNews, he has accessed the intranet of the Bank, where in two cases he has gained access to a domain administrator in the central domain of the Bank. See usernames and passwords below.
Piraeus Bank: Domain CENTRAL
Because we are not aware of the correctness of the data we have been notified (since it can not be controlled by us) but also to not compromise Piraeus Bank data or to use the above data for its personal benefit, its editorial team SecNews has hidden with "XXX" specific characters from the codes posted by the hacker Kondor.
In addition to his message Kondor, he informs that "the attack on Probank and Piraeus Bank took place in almost identical way, ie Remote File Inclusion (RFI - a vulnerability that allows remote code execution)". He finally states in his message that "both banks' websites are hacked as they have old versions of software and too many sqls that leave their customer's information in the background.»
SecNews transfers the entire story with every reservation as the editorial team is unable to confirm the attack and the correctness of the codes that were sent (if applicable). Kondor does not make it clear in his message that he has managed to gain access to the intranet (Bank Intranet) from publicly available web sites, as it naturally took place, as the Banks safely separate their central banking systems from those accessed through Internet, always taking the strongest security measures.
This new attack does not seem to have targeted the ebanking system of the Bank. Probably the specific attacks are still under way or a certain one Spear Phising attack which led to the data being extracted. If this is the case and since the Kondor hacker sends us additional attack data, we will proceed to a new post for your information. Until then, we must maintain reservations about the realization, type and extent of the attack as it can not be fully verified by part of us [as can be seen, for example, with web-site attacks].
SecNews editorial team thanks for immediate and timely briefing.