The National Payments Corporation of India (NPCI) has said the recent incident of a cyber attack in Pune-based Cosmos Cooperative Bank, that has caused an over ₹90-crore loss, is due to a malware attack on the bank’s system.
Hackers transferred over ₹90 crore out on August 11 and 13 through the malware attack on the bank’s server by cloning debit cards of the bank’s customers. The transactions were carried through automated teller machines (ATMs) in 28 countries, including Canada, Hong Kong, and India. Visa and Rupay debit cards were cloned.
Malware is defined as a software designed to perform an unwanted illegal act via the computer network. It could be also defined as software with malicious intent. Malware can be classified based on how they get executed, how they spread, and/or what they do. Some of them are discussed below:
a) Virus: A virus is a program that can infect other programs by modifying them to include a possibly evolved copy of itself. A virus can spread throughout a computer or network using the authorization of every user using it to infect their program. Every program so infected may also act as a virus and thus the infection grows. Viruses normally affect program files, but in some cases, they also affect data files disrupting the use of data and destroying them completely.
b) Worms: Worms are also disseminated through computer networks, unlike viruses, computer worms are malicious programs that copy themselves from system to system, rather than infiltrating legitimate files. For example, a mass mailing e-mail worm is a worm that sends copies of itself via e-mail. A network worm, on the other hand, makes copies of itself throughout a network, thus disrupting an entire network.
c) Trojans: Trojan is another form of Malware, trojans do things other than what is expected by the user. Trojan or trojan horse is a program that generally impairs the security of a system. Trojans are used to create back-doors (a program that allows outside access into a secure network) on computers belonging to a secure network so that a hacker can have access to the secure network.
Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.
d) Hoax: Hoax is an e-mail that warns the user of a certain system that is harming the computer. The message thereafter instructs the user to run a procedure (most often in the form of a download) to correct the harming system. When this program is run, it invades the system and deletes an important file.
e) Spyware: Spyware invades a computer and, as its name implies, monitors a user’s activities without consent. Spywares are usually forwarded through unsuspecting e-mails with bonafide e-mail i.ds. Spyware continues to infect millions of computers globally.
National Payments Corporation of India (NPCI) is an umbrella organization for all retail payments system in India. It was set up with the guidance and support of the Reserve Bank of India (RBI) and Indian Banks’ Association (IBA). NPCI has ten promoter banks.
Its recent work of developing Unified Payments Interface aims to move India to a cashless society with only digital transactions.
It has successfully completed the development of a domestic card payment network called RuPay, reducing the dependency on international card schemes.