Hackers Hijack GTBank Website, Intercept Customers’ Data In Massive Phishing Operation

Suspected cybercriminals appeared to have compromised the domain address of Nigeria’s banking giant GTBank.

Checks by Peoples Gazette showed Wednesday night that gtbank.com was no longer accessible. The incident came a day after the domain name was renewed for another five years from August 13, 2024, through March 21, 2029, according to multiple online platforms that analyse domain information.

No collective of hackers has claimed responsibility for the vandalism, which appeared to have started on August 14. A spokesman for GTBank did not immediately return a request seeking comments.

Already, the attackers appeared to have created another HTTP layer of the website in an apparent ploy to steal customers’ data through phishing.

A cybersecurity expert with experience in the Nigerian banking industry said it was possible that the bank’s login details were compromised, as against the domain address itself being stolen for a resale at a more lucrative deal online.

GTBank’s customers have already started expressing their frustration about the incident, with many commenting on social media platform X that they couldn’t open the website to conduct transactions. Some of the bank’s representatives on X urged customers to be patient and send their requests to a designated channel.

The bank’s mobile infrastructure did not appear to have been affected, as Android and iOS-based applications were still in operation as of the time of this report.

GTBank is one of Nigeria’s largest banks, serving millions of customers in Nigeria and other African countries.

Peoples Gazette