Electronic news service of the Ministry of Communications and Information Technologies

Warning! Attack targeted at users of as many as 21 Polish banks


Less than half a year has passed since an attack targeting users of mobile banking applications was publicized. Now they have again become the target of cybercriminals.
 
Did you trust an application that offered login to 21 Polish banks? If so, you could have lost money! Attackers placed an application called “Universal Banking Poland” in the Google Play store; it aggregated login forms for 21 Polish banks. Unaware users who entered their real logins and passwords into it might think that they were logging in to their accounts. Unfortunately, that was only the appearance. The application was designed to steal bank account login data and then to withdraw money from those accounts.
 
“Universal Banking Poland” was discovered on March 20 this year. As experts point out, it could have significantly depleted the funds of many unaware users. How?
 
– With it, a user could choose, from as many as 21 Polish banks, the one in which he has his bank account. Then he was asked for credentials, i.e. login and password. This data was sent to the hacker, and the account login process did not take place at all. The application was able to bypass two-factor authentication – the user did not see SMSes from the bank, while access to them was gained by the cybercriminal. With their help, he could deduct money from users’ accounts – explains Lukas Stefanko, a threat researcher at ESET.
 
Experts offer reassurance that the application was removed from Google Play on the day of its discovery. Still, it remains available in the so-called second circulation, i.e. in unauthorized app stores. As Kamil Sadkowski, an ESET threat analyst, points out, attacks targeting mobile users of Polish banks are becoming more frequent.
 
A similar attack occurred in November last year. At that time, it concerned users of fourteen Polish banks. It was carried out using applications available in the official Google Play store: CryptoMonitor and StorySaver. Both applications, apart from the promised functionality, displayed fake system notifications to their victims that looked identical to those generated by popular banking applications in Poland. In addition, the malicious applications presented victims with fake login forms for bank accounts in order to capture their logins and passwords. However, this is not all. Experts from ESET, who identified the threats, found that both applications, like “Universal Banking Poland”, were also able to capture SMS messages containing codes used to authorize online transactions.






14/04/18