ICICI Bank on January 13 acknowledged the presence of a malware in its mobile banking app but said there is no significant threat from it to its customers. According to the bank's chief technology and digital officer B Madhivanan, "Whatever we have seen, the malware seems to be not very significant."
In our previous report, we have informed you that, Pune based cybersecurity firm spotted a Trojan malware called "Android.banker.A9480," affecting more than 232 banking apps.
In an alarming revelation, the banking apps of major Indian banks such as ICICIBank, SBI Anywhere Personal, HDFC Bank MobileBanking, IDBI Bank GO Mobile+, Union Bank Commercial Clients and many other banks, were under the malware's threat. But ICICI's statement on the matter should calm the panic among users.
How does Android.banker.A9480 malware work?
Basically, the malware shows fake notifications, which targets the banking apps. The moment a user clicks on the notification, they are tricked to a fake login screen, which is used to steal user's net banking login ID and password.
Malware can intercept all the incoming and outgoing SMSes with the help of admin access. And with this power, hackers can actually gain access to the user's accounts bypassing OTP-based verification.
Acknowledging this problem B Madhivanan said, "There is always somebody or the other who is trying to attack, and that's how this entire world of cyber criminals work. But given the multilevel securities that we have put in place, we believe we are extremely capable of defending it within our entire financial structure."
To avoid this dangerous malware the cybersecurity firm Quick Heal also suggested users not to download any application from third-party stores. It is advised not to download any app from the links sent over SMS or email.
Madhivanan also added that there are 8 million customers who are using the mobile banking app, and this number is growing fast. Mobile transactions will soon be overtaking the Internet banking and will become the new standard for transactions.
So far only ICICI had made the statements to the press on the potential threat of a malware attack on banking apps. Stay tuned for more updates from other banks.