An official from the Federal Bureau of Investigation has cautioned consumers about the “new and highly sophisticated danger.”
A top FBI official has now released a statement to consumers that warns them of the “new and highly sophisticated danger” that is associated with the risks and vulnerabilities in mobile banking.
As a growing number of people look to mobile payments and wallets, the security risks are also rising.
According to the FBI’s Cyber Division assistant director, Joseph Demarest, “Vulnerabilities in mobile banking pose another new and highly sophisticated danger, as mobile banking vulnerabilities may exist on mobile devices that are not patched, and malware can be developed to specifically target the use of mobile devices.” Demarest made this statement as a part of prepared testimony that he presented in a Senate Banking, House, and Urban Affairs hearing on cyber security that was held last week.
There are many different threats to security, but malware is very high on the list in compromising mobile banking apps.
Demarest specifically pointed out the vulnerability that exists in the malware called Zeus-in-the-middle, which is a mobile version of the malware threatening PCs and laptops called GameOver Zeus. The original was exceptionally sophisticated and was one of the most challenging malware types that “the FBI ever attempted to disrupt,” said Demarest.
The GameOver Zeus malware was created to swipe the banking credentials that could be used by cyber criminals to be able to either create or redirect wire transfers in order to send the funds to bank accounts located overseas. More than 1 million computers were infected by that malware, worldwide. It led to an estimated loss of more than $100 million.
Although the mobile security threat version of that malware, Zeus-in-the-Middle, has not yet caused the same degree of loss or damage as its PC based counterpart, the fact that it exists at all should be seen as a reflection of the kind of risk that is present and growing in mobile banking and other smartphone and tablet based platforms. These vulnerabilities can make their way into devices by way of infected apps, speak phishing emails, and a number of other pathways.
