Bank Of America ATMs Disrupted By Virus

Reuters/Yahoo ^ | 1-25-2003

[blam]

Bank of America ATMs Disrupted by Virus

SEATTLE (Reuters) - Bank of America Corp. said on Saturday that customers at a majority of its 13,000 automatic teller machines were unable to process customer transactions after a malicious computer worm nearly froze Internet traffic worldwide.

Bank of America spokeswoman Lisa Gagnon said by phone from the company's headquarters in Charlotte, North Carolina, that many, if not a majority of the No. 3 U.S. bank's ATMs were back online and that their automated banking network would recover by late Saturday.

Web traffic slowed suddenly and dramatically worldwide for hours after a fast-spreading computer worm clogged pipelines of the global network carrying data, Web pages and e-mail, officials said.

"We have been impacted, and for a while customers could not use ATMs and customer services could not access customer information," Gagnon said.

Gagnon said that the worm, which slows down computer networks by replicating rapidly and spreading to other servers, did not cause any damage to customer information, but slowed down or blocked access to that sensitive information, making transactions difficult.

[dogbyte12]

Makes ya rethink going to the ATM for "cold" hard cash.

[Noslrac]

Kind of makes you feel kinda fuzzy inside knowing that your money & information is sitting on a nice database full of holes connected to the net where it can receive viruses.

[Liberal Classic]

While I can understand how customers might not be able to get to their online banking site and that the branch locations might be offline, I had no idea that their ATMs were connected through the public internet.

[Noslrac]

Where do you download the programs to increase the amount of money in your account???</sarcasm>

[struwwelpeter]

About four or five years ago hackers broke into the newly-installed ATM "Bankomat" system in Russia. They used data from tourists accessing their accounts in Petersburg to pay themselves through the same ATMs in cash - from the foreigners' accounts.

[blam]

"Kind of makes you feel kinda fuzzy inside knowing that your money & information is sitting on a nice database full of holes connected to the net where it can receive viruses."

I keep mine in a coffee can buried in the yard.

[DeFault User]

that many, if not a majority of the No. 3 U.S. bank's ATMs were back online...

When did they drop to #3? With the merger of NationsBank and BofA, BofA became #1, as I recall.

As one of their Internet and ATM customers, this is not very encouraging. The article does imply that the data were not compromised, just the speed of access. I hope that's a correct reading, anyway.

[TaxPayer2000]

Where do you download the programs to increase the amount of money in your account???

Not long ago you could download the information from most any college, however it was rather slow, it took from four to six years. Sadly this information has been corrupted on a wide scale, and it may be next to impossible to get it from this same source today.

[putupon]

I keep mine in a coffee can buried in the yard.

I was thinking of getting a metal detector. You don't have a dog back there, do you?

[HAL9000]

I would not be surprised if businesses affected by this latest incident joined a class-action lawsuit against Microsoft. The monetary damages from this problem will be very high.

[blam]

"I was thinking of getting a metal detector. You don't have a dog back there, do you?

Hmmmm. Check my profile.

[Focault's Pendulum]

Sorry about that...I was rewiring my basement.

The good new is....my sump pump is working again.

[putupon]

looks like your coffee can is safe

[blam]

Did you know:

The original name of the Bank Of America ...was: The Bank Of Italy?

[SpaceBar]

W32.SQLExp.Worm
Discovered on: January 24, 2003

W32.SQLExp.Worm is a worm that targets systems running Microsoft SQL Server 2000, as well as Microsoft Desktop Engine (MSDE) 2000. The worm sends 376 bytes to UDP port 1434, the SQL Server Resolution Service Port. Beginning at 5:31am GMT, we started to see a significant increase in the unique number of source IPs scanning for UDP port 1434. Symantec Security Response highly recommends all users of either Microsoft SQL Server 2000 or MSDE 2000 audit their machines for the vulnerabilities referred to in the Microsoft advisory at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-039.asp., and install the patch referred to by http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-061.asp.

Symantec Security Response also recommends configuring perimeter devices to block UDP traffic to port 1434 from untrusted hosts.

Symantec Security Response is currently developing a removal tool for W32.SQLExp.Worm. Because the worm is only resident in memory, and is not written to disk, this threat is not detectable using virus definitions. Customers are recommended to follow the measures described above in order to deal with this threat.

The worm has the unintended payload of performing a Denial of Service due to the large number of packets it sends out.

source: http://securityresponse.symantec.com/avcenter/venc/data/w32.sqlexp.worm.html

[Fractal Trader]

Bushie, aren't you so GLAD the Microsoft has shown that they can handle mission critical applications like banking?

/sarcasm

[sausageseller]

Never mind the dog.

Beware of owner!

[Rifleman]

Well, I am no fan of MS, but the patch for this vulnerability has been out for several months.
My understanding is that it is a pain in the arse to
apply.

[big bad easter bunny]

I want every one to know about AVG anti virus; http://www.grisoft.com/html/us_index.htm?session=3dcb1501d4bf60b85a422c6f77a0eaff

they have a server version, you get 2 lisences for about $40. Well AVG found it on my server last night and got rid of it. They have a free version for your PC. Thought you all might like to know.