Mobile apps of seven banks infected with malware: Cybersecurity firm FireEye
The FireEye expose comes after nearly 32 lakh bank accounts across 19 banks were hacked in a malware attack in late October last year.
Updated: Apr 06, 2017 19:21 IST
Mobile apps of nearly seven Indian banks are currently infected with malware that makes it easier for hackers to steal sensitive financial data, a new study by US cybersecurity firm FireEye has revealed.
According to the study that was reported by a financial daily, the firm has tracked banking fraud and malware attacks globally that affected banks in Ukraine, Vietnam, Taiwan, South Korea, Bangladesh, Ecuador and India, with losses totalling more than $100 million.
“We have found mobile apps of seven large banks in India infected with malware that has the capability to steal user credentials. We have informed the banks about the same,” Vishal Raman, India head at FireEye, was quoted as saying. He has, however, declined to disclose the names of the banks to prevent misuse of the vulnerabilities.
“In India, we have seen financially-motivated cyber-criminal groups launching sophisticated attacks to steal funds from many potential sources: organisations, consumers, ATMs and banks,” Vishal explained, adding that “as India’s digital payment systems handle more transactions, they will become more lucrative targets.”
The India head also goes on to say that though security deployed by banks in India has improved over the years, hackers seem to be always one step ahead.
FireEye’s study claims that Indian banking apps were affected by Webinjects and Bugat.
According to FireEye, webinjects are malware hidden behind files that the user is forced or lured to download. “Over the past year, we reported on various types of credential theft malware using webinjects that targeted more than 600 organizations — primarily financial institutions — in over 50 countries,” FireEye said in the report.
Malware using webinjects will typically hook popular web browsers to monitor for specific URLs and target specific webpages by either injecting new code, executing a script, or covering up the normal website content with an overlay or additional form.
For example, hackers involved in banking fraud use webinjects to display a message encouraging victims to download a malicious application, under the guise of installing a personal security certificate for their cell phone SIM card.
Bugat, on the other hand, is credential theft malware used by a limited number of cyber-crime groups. These groups spread the malware widely, often through spam e-mail campaigns.
What is more worrisome is that the revelation comes at a time when India has been trying to move to a digital payments system and reduce cash transactions. Also, nearly 32 lakh customers across 19 banks were affected in an ATM malware attack in late October last year.