Tuesday, 9 January 2018

Banks warn of new mobile malware


MUMBAI: Banks are warning customers of the risk of their mobile banking credentials being stolen by malware masquerading as a Flash player sent to them through unwarranted messages or through pop-ups on websites.

The warning follows an advisory by Quick Heal Security Labs that it has detected an Android Banking Trojan that targets over 232 banking apps, including those offered by Indian lenders. The malware is known as Android.banker.A2f8a (previously detected as Android.banker.A9480). According to Nitin Bhatnagar of SISA Information Security, the operation is similar to a phishing website. The malware works in the background and sends fake notifications resembling those sent by banking applications. When users open these applications, they are directed to fake login screens that are then used by the attackers to steal and extract confidential data. The malware also intercepts SMSs sent by banks and is able to access one-time passwords.

The lender has also warned customers against using 'jailbroken' or 'rooted' mobiles for banking transactions. Jailbroken iPhones are those handsets that allow apps — not part of the official app store — to be installed on the phone. Rooting an Android device allows the user to make granular changes to the operating system, which could lead to malicious apps being installed if the user is careless. Another private lender, Karur Vysya Bank, in a similar advisory, has pointed out to customers that Adobe Flash player is inbuilt in Android mobile browsers since version 4.1 and official versions are not being offered for download in Google Play Store.

"For mobile applications there are no standards as such but there are best practices available for secure coding," said Bhatnagar. "Banks procuring apps from third-party vendors need to make sure that the vendor provides all test reports showing that they follow the payment application data security standards (PA-DSS)," he added.

