Serious security flaws in CIMB Clicks might have led to accounts being hacked

annehuda · Post time 17-12-2018 10:03 AM

Something strange is happening with CIMB Clicks, and judging by their rather abrupt implementation of a reCaptcha code on their login page today, there are reasons to be concerned.

We are not publishing details for now, as it might lead to more abuse. We strongly recommend changing your password right now to something complex using an online password generatoruntil this massive security flaw is patched. If you have a CIMB Debit card tied to your banking accounts, we recommend setting its limit to the minimum amount to minimize any potential abuse.

We have reached out to CIMB Malaysia to obtain official clarifications from them. So, stay tuned.

Developing story…

bleh cek di link ni https://www.lowyat.net/2018/1750 ... d-over-the-weekend/

annehuda · Post time 17-12-2018 10:04 AM

ALERT UNTUK SEMUA PENGGUNA CIMB CLICKS!
(update takut ada yang tersalah masuk ke laman web pishing)

Pergi ke laman web CIMB CLICKS dan login seperti biasa. TETAPI, cuba letak additional nombor atau huruf selepas huruf password korang yang terakhir. Contoh:

password cimbclicks: AppleFuji12

Ok sekarnag tambah jadi AppleFuji12345678

Kalau still boleh log in account korang, saya NASIHATKAN cepat-cepat update password cimbclicks anda. Besar kemungkinan account cimbclicks anda dah diceroboh dan integrity password korang dah dilemahkan.

"Pencegahan Lebih Baik Daripada Penyesalan"

Semoga membantu.

kechikchomel · Post time 17-12-2018 10:17 AM

iolss dah try buat. memang boleh log in

terussss iolss tukar password. ngok betul CIMB!

cheezzy · Post time 17-12-2018 10:23 AM

yer. ramai dh try mmg boleh masuk.
aku pun boleh.
ingat nak tukar bank ni

moonbug · Post time 17-12-2018 10:24 AM

kechikchomel replied at 17-12-2018 10:17 AM
iolss dah try buat. memang boleh log in

Masalahnya dah 2 minggu ni orang hilang duit hari-hari tapi CIMB buat apa je? Macam takde mitigation measure je. I takut gila ni nak login pun

hasniey · Post time 17-12-2018 10:27 AM

btol la...takutnye
cepat2 tukar password

kechikchomel · Post time 17-12-2018 10:29 AM

moonbug replied at 17-12-2018 10:24 AM
Masalahnya dah 2 minggu ni orang hilang duit hari-hari tapi CIMB buat apa je? Macam takde mitigati ...

itu lahhh...sampai cecah beribu lak tu.mak iolss ada acc CIMB, tapi takde cimbclicks. nanti nak suruh dia g cek jugak.

kalau dulu bank rimau tu, iolss buat bodo je la sbb takde acc bank tu.
memang kena transfer duit g acc lain lah ni.

aechae · Post time 17-12-2018 10:30 AM

Dr last week kot dgr citer mcm2 psl cimbclicks ni... x setel lg meh? So kena tukar password ke x? Skang iols x risau sgt sbb duit dlm tu ada 2 angka je

... tp nxt week start duit bonus duit gaji lg nk msuk

...

zafira · Post time 17-12-2018 10:37 AM

cuak betul... memang boleh log in lah.. dah cuba tadi. terus tukar password baru... sudahlah baru tukar password 2 bulan lepas sebab ada cubaan login dari obersi.. padahal aman2 aje akak kat KL ni... cincau betull....

sue_0684 · Post time 17-12-2018 10:44 AM

hanat btol la.. aku pon kena. aku nk terminate acc dgn cc aku.

lailies · Post time 17-12-2018 10:47 AM

saya pun boleh login if tambah no lain blakang passwor...nk change password lain x boleh..katanya salah loginId...padahal dh masuk yg btul

awanearisu · Post time 17-12-2018 10:50 AM

Ini amat membimbangkan

moonbug · Post time 17-12-2018 10:58 AM

sue_0684 replied at 17-12-2018 10:44 AM
hanat btol la.. aku pon kena. aku nk terminate acc dgn cc aku.

Kau kena apa sis?

Sazida · Post time 17-12-2018 11:02 AM

apsal la website cimb ni selalu problem.... pastu kalau ada masalah jadi staff buat xtau je

forselab · Post time 17-12-2018 11:05 AM

lailies replied at 17-12-2018 10:47 AM
saya pun boleh login if tambah no lain blakang passwor...nk change password lain x boleh..katanya sa ...

sy pun kena mcm ni...tak dpt nak tukar password...huhu...mcmana ni..??

Sazida · Post time 17-12-2018 11:05 AM

betul..mmg blh log in... sibai..

Thanatus · Post time 17-12-2018 11:06 AM

annehuda replied at 17-12-2018 10:04 AM
ALERT UNTUK SEMUA PENGGUNA CIMB CLICKS!
(update takut ada yang tersalah masuk ke laman web pishing) ...

aku dah tried... mmg boleh login with wrong passwords.
Changed password just now, tried buat balik dah tak boleh dah.

julia5094 · Post time 17-12-2018 11:09 AM

Macamana nak tukar password?? I blur sbb takut sgt..luckily dah kluarkan semua duit tadi...ni yang berani log in pasal nak tukar password..

insulin · Post time 17-12-2018 11:10 AM

Ermmm. Kasihan kepada mangsa2 yang terlibat.

Thanatus · Post time 17-12-2018 11:13 AM

julia5094 replied at 17-12-2018 11:09 AM
Macamana nak tukar password?? I blur sbb takut sgt..luckily dah kluarkan semua duit tadi...ni yang b ...

kat bawah, bottom left ada "system" icon. click that icon then go to MyProfile

		Remember me	Forgot password?
Password			Register

[Jenayah] Serious security flaws in CIMB Clicks might have led to accounts being hacked

Rate

Rate

Category: Semasa