Mobile apps of 7 Indian banks are already infected with malware, says cybersecurity firm

According to a report by The Hindu BusinessLine, a US-based security research firm claims that seven banks in India have compromised mobile apps. The mobile apps from these banks were infected by malware and can steal sensitive information.

The study however does not reveal the names of these banks which form a part of larger study that FireEye, a US-based security research firm has tracked across the globe. According to the same report, such incidents have affected banks in Ukraine, Ecuador and India with losses going well over $100 million.

According to FireEye India Head, Vishal Raman, the firm has observed an upward trend with financially-motivated cyber-criminal groups that have launched sophisticated attacks to steal funds from not just banks, but consumers, organisations and ATMs as well.

He also said that India’s increasing dependence on digital payment systems will make them more lucrative targets.

The security firm so far has informed the banks about the problem. According to Raman, financial attackers are better equipped than banks making it difficult to not just protect, but even detect and investigate into such matters.

The two types of malware found on the banking apps include Webinjects and Bugat. While Bugat is a credential theft malware, Webinjects can do a lot more damage, giving hackers the permissions to dynamically alter what a smartphone displays on its screen that makes it a lot easier to trick victims.