The new-age cyber criminal doesn't need your bank cards or account details to get a cash machine to spit out money. Using malware, they can hack into an Automated Teller Machine and empty it within minutes.
Security agencies have cautioned the banking sector with cases of this new 'ATM breach' - which does not require cloned cards or physically breaking into the hardware - now coming to light in various parts of the country. According to investigators, a Chinese software - Rufus - is being used by criminals to access cash dispensers and loot money. Instances have been reported in Odisha, West Bengal, Bihar and Gujarat.Read more
A series of potentially calamitous leaks in India leave as many as 130 million people at risk of fraud or worse after caches of biometric and other personal data became accessible online.
That’s according to a new report from the Bangalore-based Centre for Internet and Society (CIS), which details breaches at four national- and state-run databases, all of which are said to contain purportedly “uniquely-identifying” Aadhaar numbers. Launched in 2009, the Aadhaar system is an ambitious, albeit flawed program aimed at assigning unique identity numbers, not only to Indian citizens, but everyone who resides and works in the country.Read more
A security researcher could have stolen as much as $25 Billion from one of the India's biggest banks ‒ Thanks to the bank's vulnerable mobile application.
Late last year, security researcher discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just a few lines of code. Being a white hat hacker, he immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits.Read more
The Indian government faced a wave of outrage due to controversial clauses in a recently published draft of its new National Encryption Policy.
The policy draft, written by the Department of Electronics and Information Technology, stipulated that mobile users in the country would be legally required to store any encrypted communications on their devices for up to 90 days -- and could be punished if they failed to comply. Almost every Internet-based method of communication uses some level of encryption. This means that deleting messages that are less than three months old from widely used instant messengers would be illegal.Read more
A hacker group that appears to be residing in China has been targeting India and Southeast Asian nations in a bid to extract information about ongoing border disputes and other diplomatic issues.
Describing the hackers as part of an APT group, cybersecurity vendor FireEye said the attack campaign had been ongoing since 2011 and targeted more than 100 victims. The group would send spearphishing e-mails attached with Microsoft Word documents containing a script, which would create backdoor on infected machines. FireEye also detected the attacks in April 2015, a month ahead of India's premier Narendra Modi's first state visit to China.Read more