Client Affairs
Korean Banks Hit By Fake Mobile Apps, Warns Security Firm

South Korean banks have been hit by criminals using fake banking apps to steal user details, and thousands of apps are potentially vulnerable, which is a threat that has been flagged recently by the UK financial regulator, among others.
South Korean banks have been hit by
criminals using fake banking apps to steal user details, and
thousands of apps
are potentially vulnerable, which is a threat that has been
flagged recently by
the UK
financial regulator, among others.
The Korean banking issue has been flagged
by FireEye, a network security firm, which recently identified a
malicious
mobile application that installs a fake banking application
capable of stealing
user credentials.
FireEye, when questioned by this publication about the issue, said it is in contact with local authorities in Korea but did not elaborate on the matter.
The app has been deemed to target Hana,
IBK, KB Kookmin, NH, Woori, and Shinhan; all of which are
Korean-headquartered
banks. The top-level app acts as a fraudulent Google Play
application, falsely
assuring the user that it’s legitimate, FireEye said in a
statement yesterday.
While only Korean banks were mentioned in
the report, the threat of such security breaches will be of
concern to the
global banking sector, including the wealth management arena, as
firms have
embraced apps as a way to harness the trend of mobile technology.
The issue is
particularly acute at a time of general concern about threats to
cyber security
and online communications generally. The Financial Conduct
Authority, the UK regulator, has warned about this issue. In
2010, Citigroup advised US-based users of its free iPhone banking
app to upgrade to a newer version that addressed coding-based
security flaws.
According to FireEye’s report, once
installed, an app can present itself as a Google Play app and ask
the user for
permission to activate itself as a device administrator, which
gives the app ultimate
control over the device.
After installation, the app checks whether
any of the six targeted banking apps have been installed. If it
finds one, it
deletes the legitimate banking app and silently replaces it with
a fake
version. Once that occurs, the fraudulent app will prompt the
user to enter
their banking account credentials, allowing the thief to then use
this
information to withdraw money from the user’s account, FireEye
said.
FireEye has identified more than 2,000 apps
on Google Play that are vulnerable to infection, with over
100,000 downloads
each. This makes the total download count for these potentially
harmful apps
greater than 2.56 billion.