Presenting Partner

Life Insurance Corporation of India

Moneycontrol

Budget 2022

Associate Partners:

  • Kotak Mutual Fund
  • Pharmeasy
  • Indiabulls
  • SBI

Presenting Partner

Life Insurance Corporation of India

Moneycontrol

Budget 2022

Technology Partner

Dell Technologies

Associate Partners

Kotak Mutual Fund
Pharmeasy
Indiabulls
SBI
UPCOMING EVENT:Are you 45+? Planning for retirement? We have just the right webinar for you - Planning for Retirement with Life Insurance on 27-Jan, 3pm. Register now!

Are mobile transactions secure? Study says apps of 7 banks vulnerable to theft

Cyber security firm FireEye said the apps were infected with malware that could allow hackers to steal user credentials.

April 06, 2017 / 10:23 AM IST

Even as banks continue to discourage cash transactions, a study has revealed that mobile apps of seven Indian banks are vulnerable to theft of sensitive financial information, according to a report in Business Line.

Vishal Raman, the India head of cyber security firm FireEye, was quoted as saying that these apps had been infected with malware that could steal user credentials.

He did not reveal the names of the banks but said that FireEye had alerted them about the threat.

Raman said that as digital payments systems gain more traction in India, they will become more lucrative targets with hackers thwarting efforts to keep them out.

The two major malware detected on the Indian banking apps are Webinjects and Bugat.

Close

While Webinjects allows hackers to change what is displayed to victims and encourage them to download a malicious application, Bugat is exclusively used to target financial services.

The revelation raises more concerns regarding the security of banking apps. Since the government began its push for a less-cash economy last November, banks have been encouraging customers to take the digital route through several measures including imposing charges on cash transactions.

The government even launched its own digital payment services including BHIM and UPI. However, sources recently told Moneycontrol that these may be vulnerable to security glitches and banks have witnessed several instances of fake transactions.

Last month, state-owned Bank of Maharashtra filed a First Information Report in Pune against 50 people for illegally pulling money using the UPI app and causing a loss of Rs 6.14 crore to the bank.

Two other private banks are also said to have witnessed some breaches but have not reported it. The names of the banks could not be identified.

Last week, National Payment Corporation of India (NPCI) said Rs 25 crore has been moved out of Bank of Maharashtra (BoM) accounts owing to a bug in its Unified Payment Interface (UPI) application.
Sections
ISO 27001 - BSI Assurance Mark