> CIMB denies its online banking system was hacked, assures all is secure News

unknown_2
post Dec 17 2018, 05:08 PM

On my way
****
Junior Member
573 posts

Joined: Mar 2012


QUOTE(joe_mamak @ Dec 17 2018, 03:12 PM)
https://www.thestar.com.my/news/nation/2018...-all-is-secure/
CIMB denies its online banking system was hacked, assures all is secure

    Nation

    Monday, 17 Dec 2018
    10:56 AM MYT
PETALING JAYA: CIMB Bank Berhad has refuted allegations that there was a security flaw in its online banking portal.

CIMB said its online banking portal, CIMBClicks, remains secure and all customers' transactions continue to be protected.

"The bank would like to inform that it had, over the weekend, introduced a few additional measures to enhance the security of its CIMBClicks transactions.

"Apart from ensuring that the system is now able to accommodate passwords longer than eight characters and up to 20 characters, we have also added the reCaptcha security measure on CIMBClicks to ensure the user is not a bot," it said in a statement on Monday (Dec 17).

Over the weekend, purported issues with CIMB's online banking portal went viral after social media users claimed that funds from their online banking accounts had been transferred out to online payment site PayPal.

Users had also alleged that their passwords were opened for hacking.

Popular online forum Lowyat.net had also reported that serious security flaws in CIMBClicks might have led to its accounts being hacked.
*
technically not a hack, it got exploited.
got exploited by brute force password cracking.
really topkek.
unknown_2
post Dec 17 2018, 05:21 PM


QUOTE(puchongite @ Dec 17 2018, 05:13 PM)
What are you saying? Brute force attack is a type of hacking.

hack1
/hak/
verb
gerund or present participle: hacking
1.
cut with rough or heavy blows.
"I watched them hack the branches"
synonyms: cut, chop, hew, lop, saw; slash
"Stuart hacked the padlock off"
2.
gain unauthorized access to data in a system or computer.
*
usually when we say a system was hacked, it refers to a more serious situation such as:
1) hacker has gained root/admin access to some of the servers
2) hacker is able to change server side settings
3) hacker is able to extract information from the database

in this cimb attack, hackers simply brute force their way into user accounts, all they need is the username.
this is due to cimb not implementing a try limit, & 8 characters are just quite easy to brute.

this is comparable to you seeing your friend's fb password written in his notes, then later you tried that password & gained access to his fb.
in this case, you didn't hack his account, you're not a hacker, you merely exploited a loophole, which is that your friend doesn't like to remember passwords & wrote it in his notes.
you gained access to his user account, but you didn't hack the fb core system.
unknown_2
post Dec 17 2018, 05:43 PM


QUOTE(puchongite @ Dec 17 2018, 05:31 PM)
Long story. Reference ?
*
not long ago, i think early or mid this year? cimb rolled out their new cimbclicks.
new look, new login. but the topkek thing is, it's limited to 8 character passwords.
so all the existing users with passwords >8 characters need to change to exactly 8 characters, no more, no less.

then fast forward to recently, they finally & quietly made the tweak that allows more than 8 characters, but even though they allow users to have passwords stronger than 8 characters, it will still check only the first 8 characters for authentication.
example, your password is 12345678.
you can log in with 12345678, or 12345678acb, doesn't matter as long as the first 8 characters match.

with that, hackers already know what to exploit.
they need to get the database of usernames, which is easy & not encrypted, then do a brute force on it.
if you brute force not knowing whether the password is 4 or 8 characters long, it will take a long time.
the fact that hackers knew it was exactly 8 characters made it that much faster to brute.
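
The two weaknesses described in the posts above (only the first 8 characters being checked, and no try limit), shown beside a corrected check. This is an added example, not part of the original posts and not CIMB's code; the class names, the PBKDF2 hashing, the 5-attempt threshold and the 15-minute window are all assumptions made for illustration.

```python
import hashlib, hmac, os, time

MAX_FAILURES = 5        # assumed threshold, not a value from the thread
LOCKOUT_SECONDS = 900   # assumed lockout window

def kdf(password, salt):
    # Assumed storage scheme for the example: salted PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class TruncatingVerifier:
    """Behaviour described in the posts: first 8 characters only, no try limit."""
    def __init__(self):
        self.users = {}

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, kdf(password[:8], salt))

    def login(self, user, password):
        if user not in self.users:
            return False
        salt, stored = self.users[user]
        return hmac.compare_digest(stored, kdf(password[:8], salt))

class HardenedVerifier:
    """Full-length comparison plus a per-account failure limit."""
    def __init__(self, clock=time.monotonic):
        self.users, self.failures, self.clock = {}, {}, clock

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, kdf(password, salt))

    def login(self, user, password):
        now = self.clock()
        count, since = self.failures.get(user, (0, now))
        if now - since >= LOCKOUT_SECONDS:   # window expired, start over
            count, since = 0, now
        if count >= MAX_FAILURES or user not in self.users:
            return False                     # locked out or unknown user
        salt, stored = self.users[user]
        if hmac.compare_digest(stored, kdf(password, salt)):
            self.failures.pop(user, None)    # success clears the counter
            return True
        self.failures[user] = (count + 1, since)
        return False
```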
unknown_2
post Dec 17 2018, 05:59 PM


QUOTE(puchongite @ Dec 17 2018, 05:50 PM)
You really like long story? I am asking you for your reference of the definition of hacking. Not asking you to write another long story.

You have a weird definition for hacking. Then you better show an authoritative reference.
*
no need reference.
if you tell any hackers that is hacking, they will laugh at you, kiddo.
