Three banking corporations in India were the subject of new malicious activity that targeted credit card holders. The attackers used the fake versions of the banks' apps on the Google Play Store as means to trick customers into handing over account credentials.
Bogus Android apps of ICIC Bank, RBL Bank, and HDFC Bank were all used by the perpetrators on three separate occasions as a front to collect sensitive data from unsuspecting victims. Information like credit card account number, names, expiration dates, and CVV was funnelled through fake application forms which the potential victims had filled up.
Security firm ESET last week reported that the said application forms were supposedly meant to increase the credit card limits of the credit card holders. Unfortunately, the stolen information was not only collected but released online in plain text via an exposed server.
"The data entered into the bogus forms is sent in plain text to the attacker's server. The listing of the stolen data on that server is accessible to anyone with the link, without requiring any authentication," wrote ESET. "For the victims, this amplifies the potential damage, since their sensitive data is not only at the attacker's disposal, but potentially available to anyone who comes across it."
The said apps were available for download on the Play Store between June and July 2018 and were traced back to one perpetrator only. One was removed after the other, a clear indication that the attackers were hustling to get something out of this modus.
At first glance, the apps can easily be identified as fake since they offer no other functionalities other than to ask the customers' personal banking details.
Fake banking apps on Google Play leak stolen credit card data and mobile banking credentials of victims. [video]
— Lukas Stefanko (@LukasStefanko) July 26, 2018
Hundreds of victim details are exposed without authentication.
Target: #India ?? banks.https://t.co/zzbi4xjml0 pic.twitter.com/WLihAOJvF1
The company advises all mobile banking app users not to give in to promises like increasing credit card limits, especially when the transactions are not done in person or in legitimate correspondence. In addition, users are warned to pay attention to the number of downloads as well as the ratings and reviews before downloading an app from the Google Play Store.
Internet giant Google had been slammed for multiple times for its "lax" screening of apps uploaded to its app store. Despite that, the company has been continuously purging the platform from malicious apps since years ago.