The State Bank of India, the country’s largest bank, has had to shut down its corporate website after overseas hackers tried to break in.


While the bank said that transactions took place through www.onlinesbi.com, a senior SBI source said that the transactions were slow as the entire system was under watch.

The country’s largest bank decided to shut down its corporate website www.sbi.co.in on Wednesday evening when hackers blocked some of the pages. The bank also noticed unusually high traffic on its website on Wednesday.

Subsequently, the website was blocked with a ‘service unavailable’ or ‘our site is under maintenance’ pasted on www.sbi.co.in.

“We have informed the Reserve Bank of India and the cyber cell of the Mumbai Police, which are looking into the issue,” said a senior bank executive. The police and SBI suspect that the hackers are based overseas.

A Mumbai Police officer said that the cyber cell was investigating the complaint but did not share details: “It is big and the implications may be large.”

SBI sources, on their part, said that no evidence has been found of loss of data or consumers getting affected. “We suspect that the hackers wanted some information from the website and disrupt the whole system,” an executive, who did not wish to be named, said.

Out of SBI’s 2.7 million internet banking customers, 2.5 million are retail banking customers. In recent months, the bank has tried to push services such as e-trade and e-freight to lower transaction costs. As a result of the disruption, a host of transactions have been affected, especially since the suspension coincided with the year-end holidays.

The sites are maintained by the bank’s information technology department based out of the SBI Global IT Centre in Belapur. The department has been put on high alert and the bank is trying to restore services over the weekend.

SBI is the latest among Indian banks to face a threat from hackers. Banks routinely have to deal with phishing attempts and have over a period tried to sensitise their customers about not sharing details of their accounts over the internet.

According to a recent report by security firm Symantec, there were over 400 unique phishing attacks on reputed Indian banks during the second half of 2007. A report by MessageLabs, another security services company, indicated that phishing attacks rose 16 per cent between August and September and shot up by 103 per cent between September and October 2008.




What is Koobface?


Koobface is a malicious executable program that is commonly installed without user consent or knowledge. Koobface can be installed by itself or bundled with other infections. Koobface will often display frequent advertisements for bogus products or programs. The presence of Koobface can cause sluggish system performance, system freezes and/or crashes. Eventual system failure and blue screen could also be caused by Koobface. Koobface is not known to replicate itself at the time of this publication.

How do I remove Koobface?


This Koobface Removal guide provides two Koobface removal options, Automatic Koobface scanner and manual removal. Please see our Koobface manual removal warning before proceeding with manual removal.

Automatic Koobface scanner download


Automatic Remover
( Tried and tested for Latest Facebook / Koobface Virus ) - March 2010

Manual Koobface removal directions

Warning! Manual Removal of Koobface is intended to be used by advanced users only.

Follow directions below for Koobface removal manually:
Find and Stop Koobface Virus Processes: ctrl+alt+del -> Processes

* fbtre6.exe
mstre6.exe

Find and Remove Koobface Virus registry values:

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\"systray" = "c:\windows\mstre6.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\"systray" = "C:\Windows\fbtre6.exe"
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating

Find and Delete Koobface Virus Files:

* C:\\Windows\\fbtre6.exe
C:\\Windows\\fmark2.dat

How did I get Koobface?

Unfortunately it is very difficult to pinpoint the exact distribution point of Koobface. However, common delivery tactics of Koobface could be, but not limited to: trojans, browser exploits, pc ports or other vulnerable access points. We have seen reports of Koobface being distributed through fake media codec downloads as well.
Common symptoms of Koobface?

Possible attributes and symptoms of Koobface are listed below.

* Koobface may push advertisements for rogue security applications
* Koobface may cause frequent popup advertisements
* Koobface may cause sluggish system performance
* Koobface may cause slow PC processing
* Koobface may cause Blue Screen
* Koobface may cause high CPU usage

How do I prevent Koobface?

Once you have cleaned up Koobface, the main tip in order to prevent Koobface and future malicious programs from returning is to stay suspicious of new websites you have never visited. Chances are you were tricked into downloading Koobface when you thought it was something else.

More tips to prevent Koobface from returning:

* Update Windows often
* Update Windows Security Settings
* Turn on Firewall Protection
* Update Anti-Spyware Software Frequently

What is the purpose of Koobface?

The creators or authors of Koobface have one sole objective in mind, money. Almost all forms of malicious code nowadays, with Koobface being no exception, are created to make a buck. The creators or authors of Koobface know that if then can distribute “x” amount of downloads of Koobface then Koobface will generate “y” amount of revenue. In addition, many of these Malware authors have been doing this awhile so they have perfected their conversion rates and will continue to do so.

Who is behind Koobface?

It is difficult to say exactly who is behind Koobface. Certain hypothesis can be created for Koobface though. Chances are the creators or authors of Koobface are located (or at least their servers are) somewhere in either Eastern Europe or China. However, Malware has been retraced back to almost every country in the world so it really difficult to gauge this with any type of accuracy.