The mobile apps of seven major banks in India have been infected with identity-stealing malware.

Researchers at FireEye told HinduBusinessLine that financially motivated cybercriminals are using sophisticated methods of attack to try and steal funds from banks, ATMs and consumers. The problem could get worse, the security firm adds, as India embraces digitisation of payments.

FireEye neglected to name the seven banks under threat from pervasive malware, but indicated that all the viruses could steal user information and siphon funds. FireEye has contacted the banks to help them fix the holes in their systems.

The two major malicious programs found in Indian banking apps were Webinjects and Bugat. The former is integrated into a number of malicious software suites and is used to alter what is displayed to victims. The latter is spread via email phishing campaigns and swipes user data.

“Financial attackers have improved their tactics, techniques and procedures to the point where they have become difficult to detect and challenging to investigate,” Vishal Raman, India Head at FireEye, tells HinduBusinessLine.

APAC it in

Asia Pacific is a “breeding ground” for malicious botnets and banking malware, with more than half of all instances globally occurring in the region. According to a study from Malwarebytes, the top three countries in the region accounted for more than a quarter of all banking malware detections globally.

More than 317,822 instances of banking malware were detected in the APAC region in 2016. The region was also the most infected and attacked on the planet in that year.

2016 was a record year for malware growth, with ransomware families increasing by 752% and raking in more than $1 billion in ill-gotten gains. APAC accounted for 27% of infections, in front of EMEA (25%) and Latin America (22%).

by Alex Hamilton
Alex is Senior Reporter at IBS Intelligence, follow him on Twitter or contact him at: