Banks across the world are falling prey to hackers and other cyber criminals. From European ATMs spewing cash to Indian banks losing their customer’s debit card details, customers are hit hard. Well, as per Kaspersky Lab’s global research and analysis team, it appears as if Asian and African Banks at least, are being attacked using a zero day vulnerability.
A zero-day exploit, in case you are unaware of it, is usually a malicious program that is capable of installing additional malware on your systems. It is called zero-day because it refers to a loophole in the software that is unknown to the vendor too. These loopholes then grant access to hackers who attempt to make the most of it before the vendor is able to sort it out.
This particular issue deals with the InPage Text Editor, which is a software package used by various Urdu- and Arabic-speaking people and organizations around the world. The software is quite popular and has users in India, Pakistan, UK, the US, Canada, Europe, South Africa, Bangladesh, Japan and other territories. The package is being used by as many as 2 million users across the globe.
Meanwhile, this particular exploit was used in attacks against banks in several Asian and African countries. The major issue with this particular instance of zero-day exploit and why it remained operational for so long is the fact that the software package involved is highly localized. As such, vendors are less likely to scout to the software for any vulnerabilities.
Speaking on the topic, Denis Legezo, security expert at Kaspersky Lab GReAT said,
The use of vulnerabilities in specific software with a relatively low global presence and a very narrow target audience is an easy-to- understand tactic. The attackers adjust their tactics to their target’s behavior by developing exploits for custom software which doesn’t always receive the kind of scrutiny that big software companies apply to their products. Since local software is not a common target of exploit writers, vendors are not very responsive to vulnerability reports and existing exploits remain workable for a long time.
Well, here is what Kaspersky suggests you can do to ensure that your business, your employees and you, are safe from this hack:
- Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.
- Instruct your staff not to open attachments or URLs in emails sent from unknown sources.
- Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these task use Vulnerability Assessment and Patch Management solutions.
It is also recommended to provide your staff with the basics of cybersecurity, so that they are able to prevent attacks at the expense of their personal assets, And of course, it might be a good idea to use an alternative to InPage Text Editor — and other programs that are known to have the potential for harm –for now.