I have developed a proof-of-concept virus to attack the ICICI Online
banking using Man-in-Middle / Man-in-Browser attack method. I am
releasing a video (of only 8 minutes) to show what such an attack can
do to an online banking customer, who uses ICICI online banking and
how it can result in a financial loss to the ICICI Online banking
customer.
The false and misleading 'proof of concept' mentions the exploit by a
Trojan (man in the middle/man in the browser) which attacks a user’s
computer. It is evident that the author has no understanding of the
Bank's security controls and processes on the internet banking portal.
The Bank has identified and adequately dealt with such a risk &
provided for mitigating controls (which have also been checked through
independent sources) and takes this opportunity to reassure its
internet banking customers of the safety and security of the Bank's
internet banking portal. Hence, this 'proof of concept' is totally
baseless and misleading, and done with some ulterior motives. The
author is a software developer & has published similar content for
other banks as well and appears to be seeking attention for own
gains.”
Regards,
ICICI Bank Team
On Dec 19, 2:45 pm, Yash <yas...@gmail.com> wrote:
> I have developed a proof-of-concept virus to attack the ICICI Online
> banking using Man-in-Middle / Man-in-Browser attack method. I am
> releasing a video (of only 8 minutes) to show what such an attack can
> do to an online banking customer, who uses ICICI online banking and
> how it can result in a financial loss to the ICICI Online banking
> customer.
> The false and misleading 'proof of concept' mentions the exploit by a
> Trojan (man in the middle/man in the browser) which attacks a user’s
> computer. It is evident that the author has no understanding of the
> Bank's security controls and processes on the internet banking portal.
> The Bank has identified and adequately dealt with such a risk&
> provided for mitigating controls (which have also been checked through
> independent sources) and takes this opportunity to reassure its
> internet banking customers of the safety and security of the Bank's
> internet banking portal. Hence, this 'proof of concept' is totally
> baseless and misleading, and done with some ulterior motives. The
> author is a software developer& has published similar content for
> other banks as well and appears to be seeking attention for own
> gains.”
>> The false and misleading 'proof of concept' mentions the exploit by a
>> Trojan (man in the middle/man in the browser) which attacks a user’s
>> computer. It is evident that the author has no understanding of the
>> Bank's security controls and processes on the internet banking portal.
>> The Bank has identified and adequately dealt with such a risk&
>> provided for mitigating controls (which have also been checked through
>> independent sources) and takes this opportunity to reassure its
>> internet banking customers of the safety and security of the Bank's
>> internet banking portal. Hence, this 'proof of concept' is totally
>> baseless and misleading, and done with some ulterior motives. The
>> author is a software developer& has published similar content for
>> other banks as well and appears to be seeking attention for own
>> gains.”
>> Regards,
>> ICICI Bank Team
> ...
> You mean he/she is a spammer! Surprize surprize!
