New Net security threat puts banks on the defensive
Banks are increasingly vulnerable and exposed to threats such as the theft of user passwords that can be used to extract account information, report Venkatesh Ganesh and MC Vaijayanthi.
While they offer more and more services online, banks are increasingly vulnerable and exposed to threats such as the theft of user passwords that can be used to extract account information.

Recently, the websites of Bank of India, Syndicate Bank and Axis Bank (formerly UTI Bank) were ‘compromised’ — a term used to describe a breach of security in a website by hackers who use "malware" or "spyware" software to steal information. For instance, when a user clicks on a link on the Bank of India website (www.bankofindia.com), a hidden frame is inserted by a hacker's software program. So, when somebody types in the password for accessing his or her bank account, the inserted frame captures this information and loads a URL (Universal Resource Locator) from another website through a JavaScript that is downloaded and runs in the background.
But the state-controlled bank says that last week's “compromise” did not cause any loss. “There has been no damage,” said Kalyan Sundar, general manager, IT, at Bank of India.
Internet experts say the new security attack uses multiple URLs to hoodwink banks that can block out some URLs.
“In these types of attacks, there is a small downloading program that downloads additional files, which are additional password stealing trojans,” adds Mark Bregman, EVP, chief technology officer, Symantec.
“It’s a new vulnerability and could have happened due to non-updating of software security patches,” said Patrik Runald, security specialist, F-Secure.
Users of Axis Bank and Syndicate Bank were confronted with a phishing problem recently, when the fraudsters attacked from Malaysia, according to Websense Security Labs.
Users receive a spoofed email message asking them to renew certain services, and claiming that failure to do so will result in the suspension or deletion of the account. However, no bank accounts or customer information was misused.