Security Company Sisa Launches Warning Over Malware Violation Of Bank Payment Server
Sisa, the payment security firm, has rolled out an advisory to all payment processors and banks after it found that attackers had managed to add in malicious software into the server of payment switch of an anonymous bank. The suggestion is in the nature of a caution to other banks to retune passwords for workers with access to transaction servers and to employ 2-factor verification for offering access.
A spokesperson of Sisa claimed that a malicious software code (script) has been added into the application server of transaction switch. It is the hub that interacts with transaction networks. This malicious code is able to collect data of payment card (including expiry date, card number, and other user data including CVV). The attacker can then use this data to conduct payments and clone cards. The malicious code also allows payments by conveying false response to the transaction network regarding the card. The false responses make sure that no data of the outgoing payment response or incoming payment request are recorded in the logs of switch application.
While the malicious code has been recognized, it is not yet obvious if user accounts have been negotiated.
SISA is the transaction forensic examiner that examined biggest debit card violation in India last year that forced one of the largest reissuance of debit card in the nation. “We have rolled out this suggestion in the interest of proactively protecting the transaction card sector on the basis of latest findings by SISA Payment card industry Forensic Investigation (PFI) Lab,” claimed a spokesperson of the company to the media in an interview.
In India, banks are not ordered to disclose to either to their users or to the public about data violation. Lenders do not even post data violations to peer banks. On the other hand, 2 years back the RBI had made it obligatory to report such attacks.