According to Kaspersky Lab’s global research and analysis team Asian and African Banks are attacked using a zero day vulnerability.
The research teams have discovered attacks which appear to be using a zero-day exploit (a malicious program allowing additional malware to be silently installed) for the InPage text editor. InPage is a software package used by Urdu- and Arabic-speaking people and organizations around the world. The exploit was used in attacks against banks in several Asian and African countries.
According to the InPage website, in addition to India and Pakistan, where the software is widely used, there are thousands of users in other countries such as the UK, the US, Canada, a number of countries in the European Union, South Africa, Bangladesh, Japan and other territories. The total number of InPage users is almost 2 million worldwide. Attacked organizations identified by Kaspersky Lab researchers are located in Myanmar, Sri-Lanka and Uganda.
Security specialists advise financial organizations to check their systems for the presence of these threats and to implement the following measures:
- Make sure you have a corporate-grade internet security suite capable of catching exploits generically, such as Kaspersky Endpoint Security for Business.
- Instruct your staff not to open attachments or URLs in emails sent from unknown sources.
- Use the most recent versions of software on endpoints in your company. Avoid using software known to be vulnerable. To automate these task use Vulnerability Assessment and Patch Management solutions.