Se­cu­rity flaw in bank­ing apps left mil­lions at risk of hack­ing

Western Mail - - NEWS -

MOBILE bank­ing cus­tomers are be­ing ad­vised to up­date their apps af­ter ex­perts dis­cov­ered a se­cu­rity flaw that left mil­lions vul­ner­a­ble to hack­ers.

Re­searchers found that sev­eral apps, in­clud­ing those from HSBC, The Co-op­er­a­tive and NatWest banks, had a spe­cific weak­ness that could be ex­ploited by crim­i­nals to gain ac­cess to users’ de­tails such as user­name, pass­word and Pin code.

The vul­ner­a­bil­ity, be­lieved to have put 10 mil­lion users around the world at risk, has been fixed but the ex­perts say it is not clear whether or not the flaw was ex­ploited by at­tack­ers.

They rec­om­mend us­ing the most re­cent ver­sion of the bank­ing apps and in­stalling up­dates as soon as they are of­fered.

The team from the Uni­ver­sity of Birm­ing­ham de­tected the weak­ness us­ing a tool they de­vel­oped to test 400 apps con­sid­ered to be high se­cu­rity.

Dr Tom Chothia, a se­nior lec­turer in Cy­ber Se­cu­rity at the Uni­ver­sity of Birm­ing­ham, said: “In gen­eral the se­cu­rity of the apps we ex­am­ined was very good, the vul­ner­a­bil­i­ties we found were hard to de­tect, and we could only find so many weak­nesses due to the new tool we de­vel­oped.

“It’s im­pos­si­ble to tell if these vul­ner­a­bil­i­ties were ex­ploited but if they were at­tack­ers could have got ac­cess to the bank­ing app of any­one con­nected to a com­pro­mised net­work.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.