Walton Board is Stealing Passwords, Hosting a Yahoo Phishing Page

By Aamir Attaa | 05, Apr 2010 | 17 Comments

Walton Cantonment Board, which is responsible for holding and controlling most posh living areas like Defence Housing Authority, is sending Phishing emails to internet users of Pakistan.

Emails ask users to verify their Yahoo accounts, and pose as to be sent from Yahoo. However, the page that asks for user-name and password is hosted on Walton Cant Board’s official website.

This incident is a clear evidence of lack of interest from government and semi government organizations relating to information technology. This is merely because of those tech-ignorant bosses, who leave IT work on their webmasters, who are hired on references and not on merit.

By the way, phising is chargeable offense, and an Application to FIA will be enough to take the culprits to the jail. All evidences are provided below.

Beware: Any information entered on this page will be stored on Walton Cant website, and administrator who is involved in this criminal activity may compromise your account.

Check following screen shots for proof…!

Following is screen shot of email sent to users

Walton Cant Board Walton Board is Stealing Passwords, Hosting a Yahoo Phishing Page

When you click this link (given in email) http://wcb.gov.pk/logs/W3SVC26/yahoo/verify.html it takes to following phising page. It merits mentioning here that Walton Cantonment Board’s official web address is: http://wcb.gov.pk/

Walton Cant Board 01 Walton Board is Stealing Passwords, Hosting a Yahoo Phishing Page

Thanks to Azhar Ayaz for tip

http://www.bstelecom.tk Ehtesham ul haq

hahahahaha….. interesting happing in pk online world….
kashif

dude, it’s not phishing page.. check source of http://wcb.gov.pk/logs/W3SVC26/yahoo/verify.html .. url is only masked
- http://sms4smile.net/ NJM
  
  I can confirm that it’s 100% phishing page, check source and look for form tag
http://www.3arn.net/ Make money with Abdul

I’m pretty sure that the website is hacked. Else, why would they need to do such a thing?
- admin
  
  This is a good excuse, its just like a culprit is found with drugs – and he starts saying oh man this is not mine, somebody kept it in ma pocket
  - http://www.3arn.net/ Make money with Abdul
    
    I re-read the article, of course this isn’t something that their own IT team would do. If they had outsourced their work to some third developer, then he might have done such a thing. This is pathetic.
Abbas

FOUND THIS IN THE SOURCE CODE. DONT KNOW HTML OR PHP BTW…

form method=”post” action=”http://www.bhutanpristine.com.bt/images/btlog41.php” autocomplete=”off” name=”login_form”>
Abdullah Ali

WHT THE HELL THEY DOING MAN… govt site doing such a cheap thing….
http://www.pakservers.com Saad

The person is using images and css files from yahoo servers but the form is being submitted here: bhutanpristine.com.bt/images/btlog41.php

I think the site has been compromised by someone living in Bhutan as .com.bt is the CC TLD for that country. I tried getting the whois information for that domain but they don’t have a whois server/database as yet.
http://abdulqadoos.com Abdul Qudoos

:D chalo shukar karo kisi pakistani government site nay b hil jul ki
Monster

me also think that website may b hacked by some1
is there behind mr.c0d3r…? :-D
Muhammad Zohair Chohan

We have already shared stories of culprit webmasters, this adds one more :P
UNKNOWN-47

WOW GREAT WAY TO STEAL PASSWORDS KEY-LOGGERS TROJANS AND SPY-WARES ARE OLD METHODS NOW.LIKE IT :)
http://WaltonBoard.Com Walton Board

Kiya Hacking ha yaar :> phishing attacks
http://downit.pk Noel Times

I prefer the hotfile, fileserve and filesonic a great deal of. When i never see there service got down.
http://hidayat-e-ummah.bd.to Ateeb Malik

Salam
dear i would like to clear it that this is not WCB’s fault…
what i think is that any hacker found a vulneribility in that site and used it to upload his/her phishing page…
i personally know many of the people who use this method to con ppl..
Mess@ge 4m Malik: Always think positive ;)
specially if it is related to your own gov.
cyber war is on b/w pak & ind
they are continusly hacking our paki websites and uploading thousands of spaming or hacking wares on our govt sites… just to misguide ppls…
if u wanna discuss more than do comment below
i m onnn
i have activated the comment subsription for this post so that i can answer your question within 40hrs :p
(note: i didn’t mean to hurt anybody’s ego.. all i want is to clear the point..)/\
fiamanAllah
http://kangodugunde.com/login.php?return=/ viewme

We’re a group of volunteers and starting a brand new scheme in our community. Your web site provided us with useful info to paintings on. You’ve performed an impressive task and our entire group might be grateful to you.