Misguided hackers break into scam bank website

AnonGhost claims to have defaced “Yorkshire Bank, one of the largest United Kingdom financial institutions, but the hacking group apparently penetrated an imitation bank instead.

Here’s what likely led to the mistaken identity:

“Yorkshire Bank” is a trading name of Clydesdale Bank plc, a subsidiary of the National Australia Bank Group of companies. Yorkshire Bank joined the Group in 1990. Their website is http://www.ybonline.co.uk/

There is also the “The Yorkshire” or YBS, which is properly known as the “Yorkshire Building Society” which is a member of the Building Societies Association — it’s completely independent. It has a website at http://www.ybs.co.uk/

AnonGhost defaced the website http://ybs-bank.com/ , according to researchers at the University of Cambridge.

Non-defaced portions of the website state it is the domain for “Yorkshire Bank,” which, the site purports, is a trading name for Yorkshire Banking Society PLC, a member of the National Australia Bank Group.

“So you can see why AnonGhost might believe that they had hacked ‘Yorkshire Bank’ (or possibly ‘Yorkshire Building Society’),” one researcher writes.

By looking at Whois registration data for the defaced domain, the researchers discovered it is currently owned by James Edward, a resident of Puchong, Malaysia (a city 6600 miles from Leeds).

“I have no reason to believe that anything good would happen to a Yorkshire Bank user (or a Yorkshire Building Society) user who used their credentials at the Malaysian owned website … so it’s rather hard to say whether having it defaced is detrimental to anyone living within a few hundred miles of Leeds,” the researcher writes .

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.