Security flaw in banking apps left millions at risk of hacking
MOBILE banking customers are being advised to update their apps after experts discovered a security flaw that left millions vulnerable to hackers.
Researchers found that several apps, including those from HSBC, The Co-operative and NatWest banks, had a specific weakness that could be exploited by criminals to gain access to users’ details such as username, password and Pin code.
The vulnerability, believed to have put 10 million users around the world at risk, has been fixed but the experts say it is not clear whether or not the flaw was exploited by attackers.
They recommend using the most recent version of the banking apps and installing updates as soon as they are offered.
The team from the University of Birmingham detected the weakness using a tool they developed to test 400 apps considered to be high security.
Dr Tom Chothia, a senior lecturer in Cyber Security at the University of Birmingham, said: “In general the security of the apps we examined was very good, the vulnerabilities we found were hard to detect, and we could only find so many weaknesses due to the new tool we developed.
“It’s impossible to tell if these vulnerabilities were exploited but if they were attackers could have got access to the banking app of anyone connected to a compromised network.”