Alert Issued to All Banks by Security Firm SISA on Malware Attack

Latest In Information Security 4.5/5 (2)

On Tuesday payment security firm SISA has issued an alert to all banks and payment processors to change the password for all employees who have access to the payment server.

The advisory was issued after the firm discovered that some unknown hackers managed to install malicious software into the payment switch server of an unnamed bank.

Read more on: ATMs Operated by Sberbank Bank in Russia Hacked by Pressing Shift Key 5 Times

According to SISA, the malicious script was injected into the application server of the payment switch, which communicates with the payment networks.

Once the payment in initiated the malicious software is capable of collecting card details like card number, CVV number, expiry date and other information.

By using this information, the hacker can make a duplicate card and use it for further transactions.

The malicious software is also capable of enabling transactions by sending a fake response to the payment server in the application which ensures no details are logged in the switch application logs.

Even Though the malicious software has been identified, it is not still clear whether any customer accounts are compromised or not.

SISA has advised to reset passwords for all staffs who have access to the payment server and enable two-factor authentication.

“We have released this advisory in the interest of proactively securing the payment card industry based on recent findings by SISA PFI (Payment card industry Forensic Investigation) Lab.”

Read more on: New Variant GlobeImposter Ransomware Distributed via Malspam

“In the light of the recent finding, SISA suggests to the industry to implement internationally renowned Security Standards like PCI-DSS and PA (payment application)-DSS. SISA also urge Regulators and Government of India to mandate these security standard to be followed religiously,” said SISA spokesperson to Times Of India in a statement.

Earlier in India, it was not mandatory to report breaches, but two years back RBI has made it mandatory to report breaches and issue a warning to other banks without using names.

Read more on: Satori a New Variant of Mirai Botnet Exploits Zero Day Vulnerability Found in Huawei Devices


Please rate this content