Community
If you have logged in to your Santander (Alliance & Leicester) online bank recently your account may have been compromised. One of the bank's customers noticed this when he was prompted with an unusual SSL certificate warning for www.polycache.com.
What first looked like a man-in-the-middle attack turned out to be an injection which tries to look like an ordinary web analytics URL. It goes to a script at advanced-web-analytics.com which downloads another script from polycache.com which seems to hijack the login part of the site.
The issue has recently been discussed on Stack Overflow and Linode Community Forums.
Update: Turns out this wasn't an attack, but a "technical error" by a 3rd party that Santander uses. Still no information on who this 3rd party is or why Santander allows 3rd parties to include scripts in their online bank login page.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Amr Adawi Co-Founder and Co-CEO at MetaWealth
25 November
Kathiravan Rajendran Associate Director of Marketing Operations at Macro Global
Vitaliy Shtyrkin Chief Product Officer at B2BINPAY
22 November
Kunal Jhunjhunwala Founder at airpay payment services
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.