South Korean banks have been hit by criminals using fake banking apps to steal user details, and thousands of apps are potentially vulnerable, which is a threat that has been flagged recently by the UK financial regulator, among others.
South Korean banks have been hit by
criminals using fake banking apps to steal user details, and thousands of apps
are potentially vulnerable, which is a threat that has been flagged recently by
financial regulator, among others.
The Korean banking issue has been flagged
by FireEye, a network security firm, which recently identified a malicious
mobile application that installs a fake banking application capable of stealing
FireEye, when questioned by this publication about the issue, said it is in contact with local authorities in Korea but did not elaborate on the matter.
The app has been deemed to target Hana,
IBK, KB Kookmin, NH, Woori, and Shinhan; all of which are Korean-headquartered
banks. The top-level app acts as a fraudulent Google Play application, falsely
assuring the user that it’s legitimate, FireEye said in a statement yesterday.
While only Korean banks were mentioned in
the report, the threat of such security breaches will be of concern to the
global banking sector, including the wealth management arena, as firms have
embraced apps as a way to harness the trend of mobile technology. The issue is
particularly acute at a time of general concern about threats to cyber security
and online communications generally. The Financial Conduct Authority, the UK regulator, has warned about this issue. In 2010, Citigroup advised US-based users of its free iPhone banking app to upgrade to a newer version that addressed coding-based security flaws.
According to FireEye’s report, once
installed, an app can present itself as a Google Play app and ask the user for
permission to activate itself as a device administrator, which gives the app ultimate
control over the device.
After installation, the app checks whether
any of the six targeted banking apps have been installed. If it finds one, it
deletes the legitimate banking app and silently replaces it with a fake
version. Once that occurs, the fraudulent app will prompt the user to enter
their banking account credentials, allowing the thief to then use this
information to withdraw money from the user’s account, FireEye said.
FireEye has identified more than 2,000 apps
on Google Play that are vulnerable to infection, with over 100,000 downloads
each. This makes the total download count for these potentially harmful apps
greater than 2.56 billion.